I am leaving Socionext. Orphan the UniPhier platform until somebody
takes the role.
Change-Id: I54d3da6d49c1ccaaa475431654db578b683db88a
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Updated the cot-binding documentation to add 'id'
property for the trusted and non-trusted nv-counters.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: If1c628c5b90fe403dd96c7cd0cd04f37288c965c
- Add some guidance about the type of information a patch author should
provide to facilitate the review (and for future reference).
- Make a number of implicit expectations explicit:
- Every patch must compile.
- All CI tests must pass.
- Mention that the patch author is expected to add reviewers and explain
how to choose them.
- Explain the patch submission rules in terms of Gerrit labels.
Also do some cosmetic changes, like adding empty lines, shuffling some
paragraphs around.
Change-Id: I6dac486684310b5a35aac7353e10fe5474a81ec5
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Add a section for that in the coding guidelines.
Change-Id: Ie6819c4df5889a861460eb96acf2bc9c0cfb494e
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Enable the spm_mm framework for the qemu_sbsa platform.
Memory layout required for spm_mm is created in secure SRAM.
Co-developed-by: Fu Wei <fu.wei@linaro.org>
Signed-off-by: Fu Wei <fu.wei@linaro.org>
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Change-Id: I104a623e8bc1e44d035b95f014a13b3f8b33a62a
Documented the CPU specific build macros created for AT
speculative workaround.
Updated the description of 'ERRATA_SPECULATIVE_AT' errata
workaround option.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ie46a80d4e8183c1d5c8b153f08742a04d41a2af2
SP804 TIMER is not platform specific, and current code base adds
multiple defines to use this driver. Like FVP_USE_SP804_TIMER and
FVP_VE_USE_SP804_TIMER.
This patch removes platform specific build flag and adds generic
flag `USE_SP804_TIMER` to be set to 1 by platform if needed.
Change-Id: I5ab792c189885fd1b98ddd187f3a38ebdd0baba2
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Ensuring that each file changed by a patch has the correct copyright and
license information does not only apply to documentation files but to
all files within the source tree.
Move the guidance for copyright and license headers out of the paragraph
about updating the documentation to avoid any confusion.
Also do some cosmetic changes (adding empty lines, fitting in longer
lines in the 80-column limit, ...) to improve the readability of the RST
file.
Change-Id: I241a2089ca9db70f5a9f26b7070b947674b43265
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
We have noticed that Phabricator (the ticketing system on tf.org [1])
has far less visibility within the community than the mailing list [2].
For this reason, let's drop usage of Phabricator for anything else than
bug reports. For the rest, advise contributors to start a discussion on
the mailing list, where they are more likely to get feedback.
[1] https://developer.trustedfirmware.org/project/board/1/
[2] https://lists.trustedfirmware.org/mailman/listinfo/tf-a
Change-Id: I7d2d3d305ad0a0f8aacc2a2f25eb5ff429853a3f
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
This patch fixes the bug when AMUv1 group1 counters was
always assumed being implemented without checking for its
presence which was causing exception otherwise.
The AMU extension code was also modified as listed below:
- Added detection of AMUv1 for ARMv8.6
- 'PLAT_AMU_GROUP1_NR_COUNTERS' build option is removed and
number of group1 counters 'AMU_GROUP1_NR_COUNTERS' is now
calculated based on 'AMU_GROUP1_COUNTERS_MASK' value
- Added bit fields definitions and access functions for
AMCFGR_EL0/AMCFGR and AMCGCR_EL0/AMCGCR registers
- Unification of amu.c Aarch64 and Aarch32 source files
- Bug fixes and TF-A coding style compliant changes.
Change-Id: I14e407be62c3026ebc674ec7045e240ccb71e1fb
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Adding support for QTI CHIP SC7180 on ATF
Change-Id: I0d82d3a378036003fbd0bc4784f61464bb76ea82
Signed-off-by: Saurabh Gorecha <sgorecha@codeaurora.org>
Co-authored-by: Maulik Shah <mkshah@codeaurora.org>
If the user tries to change BUILD_BASE to put the build products outside
the build tree the compile will fail due to hard coded assumptions that
$BUILD_BASE is a relative path. Fix by using $(abspath $(BUILD_BASE))
to rationalize to an absolute path every time and remove the relative
path assumptions.
This patch also adds documentation that BUILD_BASE can be specified by
the user.
Signed-off-by: Grant Likely <grant.likely@arm.com>
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ib1af874de658484aaffc672f30029b852d2489c8
These broken links were found with the help of this command:
$> sphinx-build -M linkcheck . build
A sample broken link is reported as follows:
(line 80) -local- firmware-design.rst#secure-el1-payloads-and-dispatchers
Change-Id: I5dcefdd4b8040908658115647e957f6c2c5da7c2
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Provide manifest and build options to boot OP-TEE as a
guest S-EL1 Secure Partition on top of Hafnium in S-EL2.
Increase ARM_SP_MAX_SIZE to cope with OP-TEE debug build image.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: Idd2686fa689a78fe2d05ed92b1d23c65e2edd4cb
Openssl directory path is hardcoded to '/usr' in the makefile
of certificate generation and firmware encryption tool using
'OPENSSL_DIR' variable.
Hence changes are done to make 'OPENSSL_DIR' variable as
a build option so that user can provide openssl directory
path while building the certificate generation and firmware
encryption tool.
Also, updated the document for this newly created build option
Change-Id: Ib1538370d2c59263417f5db3746d1087ee1c1339
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
The purpose of rx_training had changed after last update. Currently it
is not supposed to help with providing static parameters for porting
layer. Instead, it aims to suit the parameters per connection.
Change-Id: I2a146b71e2e20bd264c090a9a627d0b6bc56e052
Signed-off-by: Grzegorz Jaszczyk <jaz@semihalf.com>
Add references to the OcteonTX2 CN913x family.
Change-Id: I172a8e3d061086bf4843acad014c113c80359e01
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
The link to the exception handling framework page on the System Design /
Firmware Design / Section 4.3 just links to itself, so I changed it to
link to the exception handling framework component document.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I6711b423a789b2b3d1921671e8497fffa8ba33d1
Currently, 'SMCCC_ARCH_FEATURES' SMC call handler unconditionally
returns 'SMC_OK' for 'SMCCC_ARCH_SOC_ID' function. This seems to
be not correct for the platform which doesn't implement soc-id
functionality i.e. functions to retrieve both soc-version and
soc-revision.
Hence introduced a platform function which will check whether SMCCC
feature is available for the platform.
Also, updated porting guide for the newly added platform function.
Change-Id: I389f0ef6b0837bb24c712aa995b7176117bc7961
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
This reverts commit 11af40b630, reversing
changes made to 2afcf1d4b8.
This errata workaround did not work as intended so we are reverting this
change. In the future, when the corrected workaround is published in an
SDEN, we will push a new workaround.
This is the patch being reverted:
https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4750
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I20aa064c1bac9671939e657bec269d32b9e75a97
Update SGI-575, RD-E1-Edge and RD-N1-Edge FVP versions to 11.10/36 and
add RD-N1-Edge-Dual to the list of supported Arm Fixed Virtual
Platforms.
Change-Id: I9e7e5662324eeefc80d799ca5341b5bc4dc39cbb
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
* changes:
plat/arm/board/fvp: Add support for Measured Boot
TF-A: Add support for Measured Boot driver to FCONF
TF-A: Add support for Measured Boot driver in BL1 and BL2
TF-A: Add Event Log for Measured Boot
TF-A: Add support for Measured Boot driver
This patch adds support for Measured Boot functionality
to FVP platform code. It also defines new properties
in 'tpm_event_log' node to store Event Log address and
it size
'tpm_event_log_sm_addr'
'tpm_event_log_addr'
'tpm_event_log_size'
in 'event_log.dtsi' included in 'fvp_tsp_fw_config.dts'
and 'fvp_nt_fw_config.dts'. The node and its properties
are described in binding document
'docs\components\measured_boot\event_log.rst'.
Change-Id: I087e1423afcb269d6cfe79c1af9c348931991292
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Former EL3 Secure Partition Manager using MM protocol is renamed
Secure Partition Manager (MM).
A new Secure Partition Manager document covers TF-A support for the
PSA FF-A compliant implementation.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I9763359c2e96181e1726c8ad72738de293b80eb4
This patch adds the following models
FVP_Base_Neoverse-E1x1
FVP_Base_Neoverse-E1x2
FVP_Base_Neoverse-E1x4
to the list of supported FVP platforms.
Change-Id: Ib526a2a735f17724af3a874b06bf69b4ca85d0dd
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
docker (container) is another way to build the documentation and fortunately
there is already a docker image (sphinxdoc/sphinx) with sphinx so we can use
it to generate the documentation.
Change-Id: I06b0621cd7509a8279655e828680b92241b9fde4
Signed-off-by: Leonardo Sandoval <leonardo.sandoval@linaro.org>
The LLC SRAM will be enabled in OP-TEE OS for usage as secure storage.
The CCU have to prepare SRAM window, but point to the DRAM-0 target
until the SRAM is actually enabled.
This patch changes CCU SRAM window target to DRAM-0
Remove dependence between LLC_SRAM and LLC_ENABLE and update the
build documentation.
The SRAМ base moved to follow the OP-TEE SHMEM area (0x05400000)
Change-Id: I85c2434a3d515ec37da5ae8eb729e3280f91c456
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
The i.MX 8MP Media Applications Processor is part of the growing
i.MX8M family targeting the consumer and industrial market. It brings
an effective Machine Learning and AI accelerator that enables a new
class of applications. It is built in 14LPP to achieve both high
performance and low power consumption and relies on a powerful fully
coherent core complex based on a quad core Arm Cortex-A53 cluster and
Cortex-M7 low-power coprocessor, audio digital signal processor, machine
learning and graphics accelerators.
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: I98311ebc32bee20af05031492e9fc24d06e55f4a
Added a build option 'COT_DESC_IN_DTB' to create chain of trust
at runtime using fconf.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I92b257ac4ece8bbf56f05a41d1e4056e2422ab89
Updated the CoT binding document to show chain of trust relationship
with the help of 'authentication method' and 'authentication data'
instead of showing content of certificate and fixed rendering issue
while creating html page using this document.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ib48279cfe786d149ab69ddc711caa381a50f9e2b
Fix the version inconsistency in the same file.
I tested QEMU 5.0.0, and it worked for me.
Change-Id: I9d8ca9aae1e413410eb5676927e13ae4aee9fad8
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
In my understanding, /dev/vda2 does not exist unless you add
virtio drive to the qemu command line.
The rootfs is already specified by '-initrd rootfs.cpio.gz'.
Change-Id: Ifdca5d4f3819d87ef7e8a08ed870872d24b86370
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
This commit solves the limitation, "No build instructions for
QEMU_EFI.fd and rootfs-arm64.cpio.gz"
Document the steps to build them.
Change-Id: Ic6d895617cf71fe969f4aa9820dad25cc6182023
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Fix all external broken links reported by Sphinx linkcheck tool.
This does not take care of broken cross-references between internal
TF-A documentation files. These will be fixed in a future patch.
Change-Id: I2a740a3ec0b688c14aad575a6c2ac71e72ce051e
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
There were some links in the file "ras.rst" which were broken, this
patch fixes all the broken links in this file.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I00cf080e9338af5786239a4843cb4c2e0cc9d99d
* changes:
plat: marvell: armada: a8k: add OP-TEE OS MMU tables
drivers: marvell: add support for mapping the entire LLC to SRAM
plat: marvell: armada: add LLC SRAM CCU setup for AP806/AP807 platforms
plat: marvell: armada: reduce memory size reserved for FIP image
plat: marvell: armada: platform definitions cleanup
plat: marvell: armada: a8k: check CCU window state before loading MSS BL2
drivers: marvell: add CCU driver API for window state checking
drivers: marvell: align and extend llc macros
plat: marvell: a8k: move address config of cp1/2 to BL2
plat: marvell: armada: re-enable BL32_BASE definition
plat: marvell: a8k: extend includes to take advantage of the phy_porting_layer
marvell: comphy: initialize common phy selector for AP mode
marvell: comphy: update rx_training procedure
plat: marvell: armada: configure amb for all CPs
plat: marvell: armada: modify PLAT_FAMILY name for 37xx SoCs
Updated the porting guide for the usage of received arguments
in BL2 and BL32 setup functions in case of Arm platform.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ia83a5607fed999819d25e49322b3bfb5db9425c0
Updated the document for BL1 and BL2 boot flow to capture
below changes made in FCONF
1. Loading of fw_config and tb_fw_config images by BL1.
2. Population of fw_config and tb_fw_config by BL2.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ifea5c61d520ff1de834c279ce1759b53448303ba
* changes:
doc: Update memory layout for firmware configuration area
plat/arm: Increase size of firmware configuration area
plat/arm: Load and populate fw_config and tb_fw_config
fconf: Handle error from fconf_load_config
plat/arm: Update the fw_config load call and populate it's information
fconf: Allow fconf to load additional firmware configuration
fconf: Clean confused naming between TB_FW and FW_CONFIG
tbbr/dualroot: Add fw_config image in chain of trust
cert_tool: Update cert_tool for fw_config image support
fiptool: Add fw_config in FIP
plat/arm: Rentroduce tb_fw_config device tree
Neoverse N1 erratum 1800710 is a Cat B erratum, present in older
revisions of the Neoverse N1 processor core. The workaround is to
set a bit in the ECTLR_EL1 system register, which disables allocation
of splintered pages in the L2 TLB.
This errata is explained in this SDEN:
https://static.docs.arm.com/sden885747/f/Arm_Neoverse_N1_MP050_Software_Developer_Errata_Notice_v21.pdf
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: Ie5b15c8bc3235e474a06a57c3ec70684361857a6
Cortex A77 erratum 1800714 is a Cat B erratum, present in older
revisions of the Cortex A77 processor core. The workaround is to
set a bit in the ECTLR_EL1 system register, which disables allocation
of splintered pages in the L2 TLB.
Since this is the first errata workaround implemented for Cortex A77,
this patch also adds the required cortex_a77_reset_func in the file
lib/cpus/aarch64/cortex_a77.S.
This errata is explained in this SDEN:
https://static.docs.arm.com/101992/0010/Arm_Cortex_A77_MP074_Software_Developer_Errata_Notice_v10.pdf
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I844de34ee1bd0268f80794e2d9542de2f30fd3ad
Captured the increase in firmware configuration area from
4KB to 8kB in memory layout document. Updated the documentation
to provide details about fw_config separately.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ifbec443ced479301be65827b49ff4fe447e9109f
All projects under the TrustedFirmware.org project now use the same
security incident process, therefore update the disclosure/vulnerability
reporting information in the TF-A documentation.
------------------------------------------------------------------------
/!\ IMPORTANT /!\
Please note that the email address to send these reports to has changed.
Please do *not* use trusted-firmware-security@arm.com anymore.
Similarly, the PGP key provided to encrypt emails to the security email
alias has changed as well. Please do *not* use the former one provided
in the TF-A source tree. It is recommended to remove it from your
keyring to avoid any mistake. Please use the new key provided on
TrustedFirmware.org from now on.
------------------------------------------------------------------------
Change-Id: I14eb61017ab99182f1c45d1e156b96d5764934c1
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Added a binding document for COT descriptors which is going
to be used in order to create COT desciptors at run-time.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ic54519b0e16d145cd1609274a00b137a9194e8dd
Cortex A76 erratum 1800710 is a Cat B erratum, present in older
revisions of the Cortex A76 processor core. The workaround is to
set a bit in the ECTLR_EL1 system register, which disables allocation
of splintered pages in the L2 TLB.
This errata is explained in this SDEN:
https://static.docs.arm.com/sden885749/g/Arm_Cortex_A76_MP052_Software_Developer_Errata_Notice_v20.pdf
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: Ifc34f2e9e053dcee6a108cfb7df7ff7f497c9493
Cortex A76 erratum 1791580 is a Cat B erratum present in earlier
revisions of the Cortex A76. The workaround is to set a bit in the
implementation defined CPUACTLR2 register, which forces atomic store
operations to write-back memory to be performed in the L1 data cache.
This errata is explained in this SDEN:
https://static.docs.arm.com/sden885749/g/Arm_Cortex_A76_MP052_Software_Developer_Errata_Notice_v20.pdf
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: Iefd58159b3f2e2286138993317b98e57dc361925
Add llc_sram_enable() and llc_sram_disable() APIs to Marvell
cache_lls driver.
Add LLC_SRAM definition to Marvell common makefile - disabled
by the default.
Add description of LLC_SRAM flag to the build documentation.
Change-Id: Ib348e09752ce1206d29268ef96c9018b781db182
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
* changes:
ddr: a80x0: add DDR 32-bit ECC mode support
ble: ap807: improve PLL configuration sequence
ble: ap807: clean-up PLL configuration sequence
ddr: a80x0: add DDR 32-bit mode support
plat: marvell: mci: perform mci link tuning for all mci interfaces
plat: marvell: mci: use more meaningful name for mci link tuning
plat: marvell: a8k: remove wrong or unnecessary comments
plat: marvell: ap807: enable snoop filter for ap807
plat: marvell: ap807: update configuration space of each CP
plat: marvell: ap807: use correct address for MCIx4 register
plat: marvell: add support for PLL 2.2GHz mode
plat: marvell: armada: make a8k_common.mk and mss_common.mk more generic
marvell: armada: add extra level in marvell platform hierarchy
This patch adds a build config 'RAS_TRAP_LOWER_EL_ERR_ACCESS' to set
SCR_EL3.TERR during CPU boot. This bit enables trapping RAS register
accesses from EL1 or EL2 to EL3.
RAS_TRAP_LOWER_EL_ERR_ACCESS is disabled by default.
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Change-Id: Ifb0fb0afedea7dd2a29a0b0491a1161ecd241438
Using the fconf framework, the Group 0 and Group 1 secure interrupt
descriptors are moved to device tree and retrieved in runtime. This
feature is enabled by the build flag SEC_INT_DESC_IN_FCONF.
Change-Id: I360c63a83286c7ecc2426cd1ff1b4746d61e633c
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
The only difference between GIC-500 and GIC-600 relevant to TF-A is the
differing power management sequence.
A certain GIC implementation is detectable at runtime, for instance by
checking the IIDR register. Let's add that test before initiating the
GIC-600 specific sequence, so the code can be used on both GIC-600 and
GIC-500 chips alike, without deciding on a GIC chip at compile time.
This means that the GIC-500 "driver" is now redundant. To allow minimal
platform support, add a switch to disable GIC-600 support.
Change-Id: I17ea97d9fb05874772ebaa13e6678b4ba3415557
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
This commit introduces 32-bit DDR topology map initialization.
For that purpose a new DDR32 build flag is added, with
according documentation update.
Change-Id: I169ff358c2923afd984e27bc126dc551dcaefc01
Signed-off-by: Alex Leibovich <alexl@marvell.com>
This commit is a preparation for upcoming support for OcteonTX and
OcteonTX2 product families. Armada platform related files (docs,
plat, include/plat) are moved to the new "armada" sub-folder.
Change-Id: Icf03356187078ad6a2e56c9870992be3ca4c9655
Signed-off-by: Grzegorz Jaszczyk <jaz@semihalf.com>
Signed-off-by: Marcin Wojtas <mw@semihalf.com>
As per the trustedfirmware.org Project Maintenance Process [1], the
current maintainers of the TF-A project have nominated some contributors
to become maintainers themselves. List them in the maintainers.rst file
to make this official.
[1] https://developer.trustedfirmware.org/w/collaboration/project-maintenance-process/
Change-Id: Id4e3cfd12a9074f4e255087fa5dd6fa5f902845f
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Extend the list of modules and assign code owners to each of them.
Change-Id: I267b87d8e239c7eff143b4c7e6ce9712fcf7101e
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
This patch adds support for Total Compute (TC0) platform. It is an
initial port and additional features are expected to be added later.
TC0 has a SCP which brings the primary Cortex-A out of reset
which starts executing BL1. TF-A optionally authenticates the SCP
ram-fw available in FIP and makes it available for SCP to copy.
Some of the major features included and tested in this platform
port include TBBR, PSCI, MHUv2 and DVFS.
Change-Id: I1675e9d200ca7687c215009eef483d9b3ee764ef
Signed-off-by: Usama Arif <usama.arif@arm.com>
Document the second argument of the function.
Minor rewording.
Change-Id: I190794b8cc74c99db4cfe6efc225217c32dd0774
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
- Fix possible run-time ELs value and xlat-granule size.
- Remove mandatory field for stream-ids.
- Define interrupts attributes to <u32>.
- Remove mem-manage field.
- Add description for memory/device region attributes.
Co-authored-by: Manish Pandey <manish.pandey2@arm.com>
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I71cf4406c78eaf894fa6532f83467a6f4110b344
SPCI is renamed as PSA FF-A which stands for Platform Security
Architecture Firmware Framework for A class processors.
This patch replaces the occurrence of SPCI with PSA FF-A(in documents)
or simply FFA(in code).
Change-Id: I4ab10adb9ffeef1ff784641dfafd99f515133760
Signed-off-by: J-Alves <joao.alves@arm.com>
This patch enables the v8.6 extension to add a delay before WFE traps
are taken. A weak hook plat_arm_set_twedel_scr_el3 has been added in
plat/common/aarch64/plat_common.c that disables this feature by default
but platform-specific code can override it when needed.
The only hook provided sets the TWED fields in SCR_EL3, there are similar
fields in HCR_EL2, SCTLR_EL2, and SCTLR_EL1 to control WFE trap delays in
lower ELs but these should be configured by code running at EL2 and/or EL1
depending on the platform configuration and is outside the scope of TF-A.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I0a9bb814205efeab693a3d0a0623e62144abba2d
CoT used for BL1 and BL2 are moved to tbbr_cot_bl1.c
and tbbr_cot_bl2.c respectively.
Common CoT used across BL1 and BL2 are moved to
tbbr_cot_common.c.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I2252ac8a6960b3431bcaafdb3ea4fb2d01b79cf5
This patch introduces dynamic configuration for SDEI setup and is supported
when the new build flag SDEI_IN_FCONF is enabled. Instead of using C arrays
and processing the configuration at compile time, the config is moved to
dts files. It will be retrieved at runtime during SDEI init, using the fconf
layer.
Change-Id: If5c35a7517ba00a9f258d7f3e7c8c20cee169a31
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Co-authored-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
During context switching from higher EL (EL2 or higher)
to lower EL can cause incorrect translation in TLB due to
speculative execution of AT instruction using out-of-context
translation regime.
Workaround is implemented as below during EL's (EL1 or EL2)
"context_restore" operation:
1. Disable page table walk using SCTLR.M and TCR.EPD0 & EPD1
bits for EL1 or EL2 (stage1 and stage2 disabled)
2. Save all system registers except TCR and SCTLR (for EL1 and EL2)
3. Do memory barrier operation (isb) to ensure all
system register writes are done.
4. Restore TCR and SCTLR registers (for EL1 and EL2)
Errata details are available for various CPUs as below:
Cortex-A76: 1165522
Cortex-A72: 1319367
Cortex-A57: 1319537
Cortex-A55: 1530923
Cortex-A53: 1530924
More details can be found in mail-chain:
https://lists.trustedfirmware.org/pipermail/tf-a/2020-April/000445.html
Currently, Workaround is implemented as build option which is default
disabled.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: If8545e61f782cb0c2dda7ffbaf50681c825bd2f0
The maintainers.rst file provides the list of all TF-A modules and their
code owners. As there are quite a lot of modules (and more to come) in
TF-A, it is sometimes hard to find the information.
Introduce categories (core code, drivers/libraries/framework, ...) and
classify each module in the right one.
Note that the core code category is pretty much empty right now but the
plan would be to expand it with further modules (e.g. PSCI, SDEI, TBBR,
...) in a future patch.
Change-Id: Id68a2dd79a8f6b68af5364bbf1c59b20c05f8fe7
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Complete the documentation with information on how to write a DTS for
fconf. This patch adds the bindings information for dynamic
configuration properties.
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Change-Id: Ic6d9f927df53bb87315c23ec5a8943d0c3258d45
'make doc' will now fail if Sphinx outputs any warning messages during
documentation generation.
Change-Id: I3e466af58ccf29b14a7e61037539b79ab6fc6037
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
This is a fixup for patch 3ba55a3c5f
("docs: Update SMCCC doc, other changes for release"), where some
links names got changed but their references didn't.
Change-Id: I980d04dde338f3539a2ec1ae2e807440587b1cf5
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Following the messages on the mailing list regarding the possible issue around
reading DTB's information, we decided to flag the fconf feature as experimental.
A uniform approach should be used to handle properties miss and DTB validation.
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Change-Id: Ib3c86e81fb2e89452c593f68d825d3d8f505e1fb
Updating the change log for the v2.3 release and the upcoming change log
template for v2.4 release.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Ice875d3c93227069738a429d4b945512af8470e9
A small set of misc changes to ensure correctness before the v2.3
release.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I5b4e35b3b46616df0453cecff61f5a414951cd62
- Include the platform documentation in the table of contents.
- Add a title for the document. Without this, the platform
documentation was listed under a 'Description' title on page
https://trustedfirmware-a.readthedocs.io/en/latest/plat/index.html
- Change TF-A git repository URL to point to tf.org (rather than the
deprecated read-only mirror on Github).
- Fix the restructuredText syntax for the FIP command line. It was
not displayed at all on the rendered version.
Change-Id: I7a0f062bcf8e0dfc65e8f8bdd6775c497a47e619
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
This patch adds support for GICv4 extension.
New `GIC_ENABLE_V4_EXTN` option passed to gicv3.mk makefile
was added, and enables GICv4 related changes when set to 1.
This option defaults to 0.
Change-Id: I30ebe1b7a98d3a54863900f37eda4589c707a288
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
This patch provides support for GICv3.1 extended PPI and SPI
range. The option is enabled by setting to 1 and passing
`GIC_EXT_INTID` build flag to gicv3.mk makefile.
This option defaults to 0 with no extended range support.
Change-Id: I7d09086fe22ea531c5df51a8a1efd8928458d394
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
* changes:
doc: brcm: Add documentation file for brcm stingray platform
drivers: Add SPI Nor flash support
drivers: Add iproc spi driver
drivers: Add emmc driver for Broadcom platforms
Add BL31 support for Broadcom stingray platform
Add BL2 support for Broadcom stingray platform
Add bl31 support common across Broadcom platforms
Add bl2 setup code common across Broadcom platforms
drivers: Add support to retrieve plat_toc_flags
Update the plantuml diagrams to match the latest modification in fconf.
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Change-Id: I90f55bba0fd039a3f7e1bd39661cf849fccd64f5
Enable MTE support by adding memory tag option in Makefile
This option is available only when ARMv8.5-MemTag is implemented
MTE options are added in latest clang and armclang compiler which
support below options:
for clang <version 11.0.0>
1. -march=arm8.5-a+memtag
2. -fsanitize=memtag
for armclang <version 6.12>
1. -march=arm8.5-a+memtag
2. -mmemtag-stack
Set the option SUPPORT_STACK_MEMTAG=yes to enable memory stack tagging.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I4e0bbde4e9769ce03ead6f550158e22f32c1c413
The file README.odroid-c2 has been moved in the U-Boot repository.
Reference the official uplink repository.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Change-Id: Ie72c7aefd6363a406f88ad2c87faee1c7a2125a3
This patch moves all GICv3 driver files into new added
'gicv3.mk' makefile for the benefit of the generic driver
which can evolve in the future without affecting platforms.
The patch adds GICv3 driver configuration flags
'GICV3_IMPL', 'GICV3_IMPL_GIC600_MULTICHIP' and
'GICV3_OVERRIDE_DISTIF_PWR_OPS' described in
'GICv3 driver options' section of 'build-option.rst'
document.
NOTE: Platforms with GICv3 driver need to be modified to
include 'drivers/arm/gic/v3/gicv3.mk' in their makefiles.
Change-Id: If055f6770ff20f5dee5a3c99ae7ced7cdcac5c44
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Fix below warnings appeared in porting-guide.rst
WARNING: Title underline too short.
Change-Id: Ibc0eba0da72a53a5f9b61c49a8bf7a10b17bc3b8
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
The manifest binding document defines the expected properties and their formats
to represent a partition manifest in device tree.
Change-Id: I5eb250c7b89e0d828e1fcfce32b121e4081879ec
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
* changes:
rpi: docs: Update maintainers file to new RPi directory scheme
rpi: console: Autodetect Mini-UART vs. PL011 configuration
rpi3: build: Include GPIO driver in all BL stages
rpi: Allow using PL011 UART for RPi3/RPi4
rpi3: console: Use same "clock-less" setup scheme as RPi4
rpi3: gpio: Simplify GPIO setup
With the addition of the Raspberry Pi 4 port the directory structure
changed a bit, also the new port didn't have a separate entry.
Add a new entry for the RPi4 port and adjust the path names.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Change-Id: I04b60e729a19bb0cc3dd6ce6899ec6480356b1f1
Implemented SMCCC_ARCH_SOC_ID call in order to get below
SOC information:
1. SOC revision
2. SOC version
Implementation done using below SMCCC specification document:
https://developer.arm.com/docs/den0028/c
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ie0595f1c345a6429a6fb4a7f05534a0ca9c9a48b
Merge the previously introduced arm_fconf_io_storage into arm_io_storage. This
removes the duplicate io_policies and functions definition.
This patch:
- replace arm_io_storage.c with the content of arm_fconf_io_storage.c
- rename the USE_FCONF_BASED_IO option into ARM_IO_IN_DTB.
- use the ARM_IO_IN_DTB option to compile out io_policies moved in dtb.
- propagate DEFINES when parsing dts.
- use ARM_IO_IN_DTB to include or not uuid nodes in fw_config dtb.
- set the ARM_IO_IN_DTB to 0 by default for fvp. This ensure that the behavior
of fvp stays the same as it was before the introduction of fconf.
Change-Id: Ia774a96d1d3a2bccad29f7ce2e2b4c21b26c080e
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Since uefi-tools isn't used any more in hikey and hikey960, update the
documents.
Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
Change-Id: I0843d27610e241d442e58b6cd71967998730a35d
Since commit 3bff910dc1 ("Introduce COT
build option"), it is now possible to select a different Chain of Trust
than the TBBR-Client one.
Make a few adjustments in the documentation to reflect that. Also make
some minor improvements (fixing typos, better formatting, ...) along
the way.
Change-Id: I3bbadc441557e1e13311b6fd053fdab6b10b1ba2
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
The TBBR documentation has been written along with an early
implementation of the code. At that time, the range of supported
encryption and hash algorithms was failry limited. Since then, support
for other algorithms has been added in TF-A but the documentation has
not been updated.
Instead of listing them all, which would clutter this document while
still leaving it at risk of going stale in the future, remove specific
references to the original algorithms and point the reader at the
relevant comprehensive document for further details.
Change-Id: I29dc50bc1d53b728091a1fbaa1c3970fb999f7d5
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
To accommodate the increasing size of the SCP_BL2 binary, the base
address of the memory region allocated to SCP_BL2 has been moved
downwards from its current (mostly) arbitrary address to the beginning
of the non-shared trusted SRAM.
Change-Id: I086a3765bf3ea88f45525223d765dc0dbad6b434
Signed-off-by: Chris Kay <chris.kay@arm.com>
Necessary infrastructure added to integrate fconf framework in BL31 & SP_MIN.
Created few populator() functions which parse HW_CONFIG device tree
and registered them with fconf framework. Many of the changes are
only applicable for fvp platform.
This patch:
1. Adds necessary symbols and sections in BL31, SP_MIN linker script
2. Adds necessary memory map entry for translation in BL31, SP_MIN
3. Creates an abstraction layer for hardware configuration based on
fconf framework
4. Adds necessary changes to build flow (makefiles)
5. Minimal callback to read hw_config dtb for capturing properties
related to GIC(interrupt-controller node)
6. updates the fconf documentation
Change-Id: Ib6292071f674ef093962b9e8ba0d322b7bf919af
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Update qemu documentation with instructions to boot using FIP image.
Also, add option to build TF-A with TBBR and firmware encryption
enabled.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Change-Id: Ib3af485d413cd595352034c82c2268d7f4cb120a
This patch provides a fix for incorrect crash dump data for
lower EL when TF-A is built with HANDLE_EA_EL3_FIRST=1 option
which enables routing of External Aborts and SErrors to EL3.
Change-Id: I9d5e6775e6aad21db5b78362da6c3a3d897df977
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Add framework for autheticated decryption of data. Currently this
patch optionally imports mbedtls library as a backend if build option
"DECRYPTION_SUPPORT = aes_gcm" is set to perform authenticated decryption
using AES-GCM algorithm.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Change-Id: I2966f0e79033151012bf4ffc66f484cd949e7271
In commit 516beb585c ("TBB: apply TBBR naming
convention to certificates and extensions"), some of the variables used in the
TBBR chain of trust got renamed but the documentation did not get properly
updated everywhere to reflect these changes.
Change-Id: Ie8e2146882c2d3538c5b8c968d1bdaf5ea2a6e53
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Cortex-A65x4 and Cortex-A65AEx8 is now included in the list of the
supported Arm Fixed Virtual Platforms.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: Ibfcaec11bc75549d60455e96858d79b679e71e5e
The maintainers.rst file lists files and directories that each contributor looks
after in the TF-A source tree. As files and directories move around over time,
some pathnames had become invalid. Fix them, either by updating the path if
it has just moved, or deleting it altogether if it doesn't seem to exist
anymore.
Change-Id: Idb6ff4d8d0b593138d4f555ec206abcf68b0064f
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
It is needed to make it appear in the table of contents. Right now,
all Amlogic documentation pages appear under the "Platform ports"
section, except the AXG one.
Change-Id: Ibcfc3b156888d2a9574953578978b629e185c708
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Till now TF-A allows limited number of external images to be made part
of FIP. With SPM coming along, there may exist multiple SP packages
which need to be inserted into FIP. To achieve this we need a more
scalable approach to feed SP packages to FIP.
This patch introduces changes in build system to generate and add SP
packages into FIP based on information provided by platform.
Platform provides information in form of JSON which contains layout
description of available Secure Partitions.
JSON parser script is invoked by build system early on and generates
a makefile which updates FIP, SPTOOL and FDT arguments which will be
used by build system later on for final packaging.
"SP_LAYOUT_FILE" passed as a build argument and can be outside of TF-A
tree. This option will be used only when SPD=spmd.
For each SP, generated makefile will have following entries
- FDT_SOURCES += sp1.dts
- SPTOOL_ARGS += -i sp1.img:sp1.dtb -o sp1.pkg
- FIP_ARGS += --blob uuid=XXXX-XXX...,file=SP1.pkg
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ib6a9c064400caa3cd825d9886008a3af67741af7
The CPUACTLR_EL1 register on Cortex-A57 CPUs supports a bit to enable
non-cacheable streaming enhancement. Platforms can set this bit only
if their memory system meets the requirement that cache line fill
requests from the Cortex-A57 processor are atomic.
This patch adds support to enable higher performance non-cacheable load
forwarding for such platforms. Platforms must enable this support by
setting the 'A57_ENABLE_NONCACHEABLE_LOAD_FWD' flag from their
makefiles. This flag is disabled by default.
Change-Id: Ib27e55dd68d11a50962c0bbc5b89072208b4bac5
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
When TF-A is built with RESET_TO_BL31=1 option, BL31 is the
first image to be run and should have all the memory allocated
to it except for the memory reserved for Shared RAM at the start
of Trusted SRAM.
This patch fixes FVP BL31 load address and its image size for
RESET_TO_BL31=1 option. BL31 startup address should be set to
0x400_1000 and its maximum image size to the size of Trusted SRAM
minus the first 4KB of shared memory.
Loading BL31 at 0x0402_0000 as it is currently stated in
'\docs\plat\arm\fvp\index.rst' causes EL3 exception when the
image size gets increased (i.e. building with LOG_LEVEL=50)
but doesn't exceed 0x3B000 not causing build error.
Change-Id: Ie450baaf247f1577112f8d143b24e76c39d33e91
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
This patch:
- Add the __COHERENT_RAM_START__ and __COHERENT_RAM_END__ symbols.
- Improve how the symbols are found with a regex.
- Add a build option to revert the memory layout output.
Change-Id: I54ec660261431bc98d78acb0f80e3d95bc5397ac
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
This patch adds information on the PMU configuration registers
and security considerations related to the PMU.
Signed-off-by: Petre-Ionut Tudor <petre-ionut.tudor@arm.com>
Change-Id: I36b15060b9830a77d3f47f293c0a6dafa3c581fb
At the moment, address demangling is only used by the backtrace
functionality. However, at some point, other parts of the TF-A
codebase may want to use it.
The 'demangle_address' function is replaced with a single XPACI
instruction which is also added in 'do_crash_reporting()'.
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Change-Id: I4424dcd54d5bf0a5f9b2a0a84c4e565eec7329ec
Introduce macro 'CSS_SGI_CHIP_COUNT' to allow Arm CSS platforms with
multi-chip support to define number of chiplets on the platform. By
default, this flag is set to 1 and does not affect the existing single
chip platforms.
For multi-chip platforms, override the default value of
CSS_SGI_CHIP_COUNT with the number of chiplets supported on the
platform. As an example, the command below sets the number of chiplets
to two on the RD-N1-Edge multi-chip platform:
export CROSS_COMPILE=<path-to-cross-compiler>
make PLAT=rdn1edge CSS_SGI_CHIP_COUNT=2 ARCH=aarch64 all
Change-Id: If364dc36bd34b30cc356f74b3e97633933e6c8ee
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Use the firmware configuration framework to store the io_policies
information inside the configuration device tree instead of the static
structure in the code base.
The io_policies required by BL1 can't be inside the dtb, as this one is
loaded by BL1, and only available at BL2.
This change currently only applies to FVP platform.
Change-Id: Ic9c1ac3931a4a136aa36f7f58f66d3764c1bfca1
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Enables usage of ARM_ROTPK_LOCATION=regs for FVP board.
Removes hard-coded developer keys. Instead, setting
ARM_ROTPK_LOCATION=devel_* takes keys from default directory.
In case of ROT_KEY specified - generates a new hash and replaces the
original.
Note: Juno board was tested by original feature author and was not tested
for this patch since we don't have access to the private key. Juno
implementation was moved to board-specific file without changing
functionality. It is not known whether byte-swapping is still needed
for this platform.
Change-Id: I0fdbaca0415cdcd78f3a388551c2e478c01ed986
Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
This patch expands the coding style documentation, splitting it
into two documents: the core style rules and extended guidelines.
Note that it does not redefine or change the coding style (aside
from section 4.6.2) - generally, it is only documenting the
existing style in more detail.
The aim is for the coding style to be more readable and, in turn,
for it to be followed by more people. We can use this as a more
concrete reference when discussing the accepted style with external
contributors.
Change-Id: I87405ace9a879d7f81e6b0b91b93ca69535e50ff
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Signed-off-by: Petre-Ionut Tudor <petre-ionut.tudor@arm.com>
BL2 is unconditionally setting 0 (OPTEE_AARCH64) in arg0 even when the
BL32 image is 32bit (OPTEE_AARCH32). This is causing the boot to hang
when ATOS (32bit Amlogic BL32 binary-only TEE OS) is used.
Since we are not aware of any Amlogic platform shipping a 64bit version
of ATOS we can hardcode OPTEE_AARCH32 / MODE_RW_32 when using ATOS.
Signed-off-by: Carlo Caione <ccaione@baylibre.com>
Change-Id: Iaea47cf6dc48bf8a646056761f02fb81b41c78a3
Introduce the preliminary support for the Amlogic A113D (AXG) SoC.
This port is a minimal implementation of BL31 capable of booting
mainline U-Boot, Linux and chainloading BL32 (ATOS).
Tested on a A113D board.
Signed-off-by: Carlo Caione <ccaione@baylibre.com>
Change-Id: Ic4548fa2f7c48d61b485b2a6517ec36c53c20809
Since Sphinx 2.3.0 backquotes are replaced to \textasciigrave{} during
building latexpdf. Using this element in a \sphinxhref{} breaks the
build. In order to avoid this error backquotes must not be used in
external hyperlinks.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: Ie3cf454427e3d5a7b7f9829b42be45aebda7f0dd
The current URL for QEMU_EFI.fd is not found. Update the link to
point to the new one.
If you run the shell command as instructed, you will see this error:
qemu-system-aarch64: keep_bootcon: Could not open 'keep_bootcon': No such file or directory
The part "console=ttyAMA0,38400 keep_bootcon root=/dev/vda2" is the
kernel parameter, so it must be quoted.
As of writing, QEMU v4.2.0 is the latest, but it does not work for
TF-A (It has been fixed in the mainline.) QEMU v4.1.0 works fine.
With those issues addressed, I succeeded in booting the latest kernel.
Tested with QEMU v4.1.0 and Linux 5.5 (defconfig with no modification).
Update the tested versions.
Change-Id: Ic85db0e688d67b1803ff890047d37de3f3db2daa
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Allows to select the chain of trust to use when the Trusted Boot feature
is enabled. This affects both the cert_create tool and the firmware
itself.
Right now, the only available CoT is TBBR.
Change-Id: I7ab54e66508a1416cb3fcd3dfb0f055696763b3d
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Command to build HTML-formatted pages from docs:
make doc
Change-Id: I4103c804b3564fe67d8fc5a3373679daabf3f2e9
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
This patch adds 'calc_hash' function using Mbed TLS library
required for Measured Boot support.
Change-Id: Ifc5aee0162d04db58ec6391e0726a526f29a52bb
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
CPUECTLR_EL1.EXTLLC bit indicates the presense of internal or external
last level cache(LLC) in the system, the reset value is internal LLC.
To cater for the platforms(like N1SDP) which has external LLC present
introduce a new build option 'NEOVERSE_N1_EXTERNAL_LLC' which can be
enabled by platform port.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ibf475fcd6fd44401897a71600f4eafe989921363
This implementation simply mimics that of BL31.
Change-Id: Ibbaa4ca012d38ac211c52b0b3e97449947160e07
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
This implementation simply mimics that of BL31.
I did not implement the ENABLE_PIE support for BL2_IN_XIP_MEM=1 case.
It would make the linker script a bit uglier.
Change-Id: If3215abd99f2758dfb232e44b50320d04eba808b
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
This lets the Linux kernel or any other image which expects an FDT in x0 be
loaded directly as BL33 without a separate bootloader on QEMU.
Signed-off-by: Andrew Walbran <qwandor@google.com>
Change-Id: Ia8eb4710a3d97cdd877af3b8aae36a2de7cfc654
Out of two possible implementation of Secure Partition Manager(SPM)
currently only Management mode (MM) design is supported and the support
for SPM based on SPCI Alpha 1 prototype has been removed.
Earlier both implementation used common build flag "ENABLE_SPM" but it
has since been decoupled and MM uses a separate build FLAG "SPM_MM".
Instructions to build it for FVP was still using "ENABLE_SPM", which has
beend corrected in this patch.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I505b98173d6051816436aa602ced6dbec4efc776
Parse the parameter structure the PLM populates, to populate the
bl32 and bl33 image structures.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: I317072d1086f6cc6f90883c1b8b6d086ff57b443
* changes:
plat: xilinx: Move pm_client.h to common directory
plat: xilinx: versal: Make silicon default build target
xilinx: versal: Wire silicon default setup
versal: Increase OCM memory size for DEBUG builds
plat: xilinx: versal: Dont set IOU switch clock
arm64: versal: Adjust cpu clock for versal virtual
xilinx: versal: Add support for PM_GET_OPERATING_CHARACTERISTIC EEMI call
plat: versal: Add Get_ChipID API
plat: xilinx: versal: Add load Pdi API support
xilinx: versal: Add feature check API
xilinx: versal: Implement set wakeup source for client
plat: xilinx: versal: Add GET_CALLBACK_DATA function
xilinx: versal: Add PSCI APIs for system shutdown & reset
xilinx: versal: Add PSCI APIs for suspend/resume
xilinx: versal: Remove no_pmc ops to ON power domain
xilinx: versal: Add set wakeup source API
xilinx: versal: Add client wakeup API
xilinx: versal: Add query data API
xilinx: versal: Add request wakeup API
xilinx: versal: Add PM_INIT_FINALIZE API for versal
xilinx: versal: Add support of PM_GET_TRUSTZONE_VERSION API
xilinx: versal: enable ipi mailbox service
xilinx: move ipi mailbox svc to xilinx common
plat: xilinx: versal: Implement PM IOCTL API
xilinx: versal: Implement power down/restart related EEMI API
xilinx: versal: Add SMC handler for EEMI API
xilinx: versal: Implement PLL related PM APIs
xilinx: versal: Implement clock related PM APIs
xilinx: versal: Implement pin control related PM APIs
xilinx: versal: Implement reset related PM APIs
xilinx: versal: Implement device related PM APIs
xilinx: versal: Add support for suspend related APIs
xilinx: versal: Add get_api_version support
xilinx: Add support to send PM API to PMC using IPI for versal
plat: xilinx: versal: Move versal_def.h to include directory
plat: xilinx: versal: Move versal_private.h to include directory
plat: xilinx: zynqmp: Use GIC framework for warm restart
Add new flags for storage support that must be used in the build
command line. Add the complete build steps for an OP-TEE configuration.
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Change-Id: I0c682f6eb0aab83aa929f4ba734d3151c264aeed
The LLVM linker replaces the GNU linker as default for the link on Clang
builds. It is possible to override the default linker by setting the LD build
flag.
The patch also updates the TF-A doc.
Change-Id: Ic08552b9994d4fa8f0d4863e67a2726c1dce2e35
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com>
This patch makes default build target as silicon instead of QEMU.
The default can be overwritten by specifying it through build flag
VERSAL_PLATFORM.
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: Ia4cb1df1f206db3e514e8ce969acca875e973ace
It's in fact mandatory. Seen with RPi firmware 1.20190925.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Change-Id: I80739b74f25817294adc52cfd26a3ec59c06f892
This toolchain provides multiple cross compilers and are publicly
available on developer.arm.com
We build TF-A in CI using:
AArch32 bare-metal target (arm-none-eabi)
AArch64 ELF bare-metal target (aarch64-none-elf)
Change-Id: I910200174d5bad985504d1af4a1ae5819b524003
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
NOTE for platform integrators:
API `plat_psci_stat_get_residency()` third argument
`last_cpu_idx` is changed from "signed int" to the
"unsigned int" type.
Issue / Trouble points
1. cpu_idx is used as mix of `unsigned int` and `signed int` in code
with typecasting at some places leading to coverity issues.
2. Underlying platform API's return cpu_idx as `unsigned int`
and comparison is performed with platform specific defines
`PLAFORM_xxx` which is not consistent
Misra Rule 10.4:
The value of a complex expression of integer type may only be cast to
a type that is narrower and of the same signedness as the underlying
type of the expression.
Based on above points, cpu_idx is kept as `unsigned int` to match
the API's and low-level functions and platform defines are updated
where ever required
Signed-off-by: Deepika Bhavnani <deepika.bhavnani@arm.com>
Change-Id: Ib26fd16e420c35527204b126b9b91e8babcc3a5c
Creating a Change Log Template for ALL to update with relevant
new features, changes, fixes and known issues for each upcoming
release of Trusted Firmware-A.
The contents of this file should be added to the collective change log
at the time of release code freeze.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Idfbdcef0d40b10312dc88b6e1cbe31856fda887e
Some platforms are extremely memory constrained and must split BL31
between multiple non-contiguous areas in SRAM. Allow the NOBITS
sections (.bss, stacks, page tables, and coherent memory) to be placed
in a separate region of RAM from the loaded firmware image.
Because the NOBITS region may be at a lower address than the rest of
BL31, __RW_{START,END}__ and __BL31_{START,END}__ cannot include this
region, or el3_entrypoint_common would attempt to invalidate the dcache
for the entire address space. New symbols __NOBITS_{START,END}__ are
added when SEPARATE_NOBITS_REGION is enabled, and the dcached for the
NOBITS region is invalidated separately.
Signed-off-by: Samuel Holland <samuel@sholland.org>
Change-Id: Idedfec5e4dbee77e94f2fdd356e6ae6f4dc79d37
Erratum 1688305 is a Cat B erratum present in r0p0, r0p1 versions
of Hercules core. The erratum can be avoided by setting bit 1 of the
implementation defined register CPUACTLR2_EL1 to 1 to prevent store-
release from being dispatched before it is the oldest.
Change-Id: I2ac04f5d9423868b6cdd4ceb3d0ffa46e570efed
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Before adding any new SPM-related components we should first do
some cleanup around the existing SPM-MM implementation. The aim
is to make sure that any SPM-MM components have names that clearly
indicate that they are MM-related. Otherwise, when adding new SPM
code, it could quickly become confusing as it would be unclear to
which component the code belongs.
The secure_partition.h header is a clear example of this, as the
name is generic so it could easily apply to any SPM-related code,
when it is in fact SPM-MM specific.
This patch renames the file and the two structures defined within
it, and then modifies any references in files that use the header.
Change-Id: I44bd95fab774c358178b3e81262a16da500fda26
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
The Secure Partition Manager (SPM) prototype implementation is
being removed. This is preparatory work for putting in place a
dispatcher component that, in turn, enables partition managers
at S-EL2 / S-EL1.
This patch removes:
- The core service files (std_svc/spm)
- The Resource Descriptor headers (include/services)
- SPRT protocol support and service definitions
- SPCI protocol support and service definitions
Change-Id: Iaade6f6422eaf9a71187b1e2a4dffd7fb8766426
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
There are two different implementations of Secure Partition
management in TF-A. One is based on the "Management Mode" (MM)
design, the other is based on the Secure Partition Client Interface
(SPCI) specification. Currently there is a dependency between their
build flags that shouldn't exist, making further development
harder than it should be. This patch removes that
dependency, making the two flags function independently.
Before: ENABLE_SPM=1 is required for using either implementation.
By default, the SPCI-based implementation is enabled and
this is overridden if SPM_MM=1.
After: ENABLE_SPM=1 enables the SPCI-based implementation.
SPM_MM=1 enables the MM-based implementation.
The two build flags are mutually exclusive.
Note that the name of the ENABLE_SPM flag remains a bit
ambiguous - this will be improved in a subsequent patch. For this
patch the intention was to leave the name as-is so that it is
easier to track the changes that were made.
Change-Id: I8e64ee545d811c7000f27e8dc8ebb977d670608a
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Provide an SMC interface to the 9p filesystem. This permits
accessing firmware drivers through a common interface, using
standardized read/write/control operations.
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I9314662314bb060f6bc02714476574da158b2a7d
Sphinx was showing the following warning message:
docs/getting_started/build-options.rst:200: WARNING: Bullet list ends
without a blank line; unexpected unindent.
Change-Id: Iad5d49c1e0d25dd623ad15bce1af31babf860c03
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-Wpadded warns whenever the C compiler automatically includes any
padding in a structure. Because TF-A has a large number of structures,
this occurs fairly frequently and is incredibly verbose, and as such is
unlikely to ever be fixed.
The utility of this warning is also extremely limited - knowing that a
structure includes padding does not point to the existence of an error,
and is probably quite unlikely to indicate actually buggy behaviour.
Therefore, it's probably best to keep this warning off at all times.
Change-Id: I0797cb75f06b4fea0d2fdc16fd5ad978a31d76ec
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
Add the support needed to enable using CryptoCell integration with
with RSA 3K support.
Signed-off-by: Gilad Ben-Yossef <gilad.benyossef@arm.com>
Change-Id: I95527cb0c41ae012109e8968dd20a4ae9fe67f17
This patch adds the Tegra194 SoC information to the nvidia-tegra.rst
file.
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Change-Id: Id649a5ff1b3f70eeee34b508edb7965e7b7a2454
This patch enables LTO for TF-A when compiled with GCC.
LTO is disabled by default and is enabled by
ENABLE_LTO=1 build option.
LTO is enabled only for aarch64 as there seem to be
a bug in the aarch32 compiler when LTO is enabled.
The changes in the makefiles include:
- Adding -flto and associated flags to enable LTO.
- Using gcc as a wrapper at link time instead of ld.
This is recommended when using LTO as gcc internally
takes care of invoking the necessary plugins for LTO.
- Adding switches to pass options to ld.
- Adding a flag to disable fix for erratum cortex-a53-843419
unless explicitly enabled. This is needed because GCC
seem to automatically add the erratum fix when used
as a wrapper for LD.
Additionally, this patch updates the TF-A user guide with
the new build option.
Signed-off-by: zelalem-aweke <zelalem.aweke@arm.com>
Change-Id: I1188c11974da98434b7dc9344e058cd1eacf5468
The User Guide document has grown organically over time and
now covers a wide range of topics, making it difficult to
skim read and extract information from. Currently, it covers
these topics and maybe a couple more:
- Requirements (hardware, tools, libs)
- Checking out the repo
- Basic build instructions
- A comprehensive list of build flags
- FIP packaging
- Building specifically for Juno
- Firmware update images
- EL3 payloads
- Preloaded BL33 boot flow
- Running on FVPs
- Running on Juno
I have separated these out into a few groups that become new
documents. Broadly speaking, build instructions for the tools,
for TF-A generally, and for specific scenarios are separated.
Content relating to specific platforms (Juno and the FVPs are
Arm-specific platforms, essentially) has been moved into the
documentation that is specific to those platforms, under
docs/plat/arm.
Change-Id: Ica87c52d8cd4f577332be0b0738998ea3ba3bbec
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
From AArch64 state, arguments are passed in registers W0-W7(X0-X7)
and results are returned in W0-W7(X0-X7) for SMC32(SMC64) calls.
From AArch32 state, arguments are passed in registers R0-R7 and
results are returned in registers R0-R7 for SMC32 calls.
Most of the functions and macros already existed to support using
upto 8 registers for passing/returning parameters/results. Added
few helper macros for SMC calls from AArch32 state.
Link to the specification:
https://developer.arm.com/docs/den0028/c
Change-Id: I87976b42454dc3fc45c8343e9640aa78210e9741
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Both -Wmissing-field-initializers and -Wsign-compare are both covered by
-Wextra which is enabled at W=1 anyway. Therefore, the explicit options
are not required.
Change-Id: I2e7d95b5fc14af7c70895859a7ebbeac5bc0d2a4
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
Complete the Library at ROM documentation with information regarding
the memory impact of the feature.
Change-Id: I5a10620a8e94f123021bb19523a36d558b330deb
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Some of the plantuml diagrams in the I/O storage abstraction layer
documentation are absent from the rendered version of the porting
guide. The build log (see [1] for example) reports a syntax error in
these files. This is due to the usage of the 'order' keyword on the
participants list, which does not seem to be supported by the version
of plantuml installed on the ReadTheDocs server.
Fix these syntax errors by removing the 'order' keyword altogether. We
simply rely on the participants being declared in the desired order,
which will be the order of display, according to the plantuml
documentation.
[1] https://readthedocs.org/api/v2/build/9870345.txt
Change-Id: Ife35c74cb2f1dac28bda07df395244639a8d6a2b
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
A small set of misc changes to ensure correctness before the v2.2
release tagging.
Change-Id: I888840b9483ea1a1633d204fbbc0f9594072101e
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Removed deprecated interfaces that have been removed from the TF-A
project, updated the deprecated list with new deprecations for v2.2
Release, added upcoming release information, remove mentions of PR from
github.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Change-Id: I2b59d351cde9860ad0dcb6520a8bd2827ad403cf
Giving a bit more background information about the issue tracker
and mailing lists.
Change-Id: I68921d54e3113d348f1e16c685f74d32df2ca19f
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
The list of upstream platforms on the index page is growing
quite long, especially with all the FVP variants being listed
individually.
This patch leverages the "Platform Ports" chapter in the docs
table of contents to condense this information. Almost all
platform ports now have documentation, so the table of
contents serves as the list of upstream platforms by itself.
For those upstream platforms that do not have corresponding
documentation, the top-level "Platform Ports" page mentions
them individually. It also mentions each Arm FVP, just as
the index page did before.
Note that there is an in-progress patch that creates new
platform port documentation for the Arm Juno and Arm FVP
platforms, so this list of "other platforms" will soon be
reduced further as those platforms become part of the
table of contents as well.
Change-Id: I6b1eab8cba71a599d85a6e22553a34b07f213268
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
The index.rst page is now the primary landing page for the TF-A
documentation. It contains quite a lot of content these days,
including:
- The project purpose and general intro
- A list of functionality
- A list of planned functionality
- A list of supported platforms
- "Getting started" links to other documents
- Contact information for raising issues
This patch creates an "About" chapter in the table
of contents and moves some content there. In order,
the above listed content:
- Stayed where it is. This is the right place for it.
- Moved to About->Features
- Moved to About->Features (in subsection)
- Stayed where it is. Moved in a later patch.
- Was expanded in-place
- Moved to About->Contact
Change-Id: I254bb87560fd09140b9e485cf15246892aa45943
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
We would need to update this version for the release but, in fact,
it is not required for our publishing workflow; the hosted version
of the docs uses git commit/tag information in place of these
variables anyway.
Instead of updating the version, just remove these variables
entirely.
Change-Id: I424c4e45786e87604e91c7197b7983579afe4806
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
User guide:
1. Remove obsolete note saying only FVP is supported with AArch32
2. Switch compiler for Juno AArch32 to arm-eabi
3. Mention SOFTWARE folder in Juno Linaro release
Index.rst:
1. Switch default FVP model to Version 11.6 Build 45
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Change-Id: Ib47a2ea314e2b8394a20189bf91796de0e17de53
The version of the Linaro release that is used for testing was
updated in 35010bb8 and the user guide was updated with the
correct version, however the version is also mentioned on the
index page and that was missed. Update the index page with the
new version.
We can come back and de-duplicate this content later, to ease
future maintenance.
Change-Id: I3fe83d7a1c59ab8d3ce2b18bcc23e16c93f7af97
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Tidying up a few Sphinx warnings that had built-up over time.
None of these are critical but it cleans up the Sphinx output.
At the same time, fixing some spelling errors that were detected.
Change-Id: I38209e235481eed287f8008c6de9dedd6b12ab2e
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
This new page contains instructions for doing a local
build of the documentation, plus information on the environment
setup that needs to be done beforehand.
Change-Id: If563145ab40639cabbe25d0f62759981a33692c6
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
The readme.rst and license.rst files in the project root overlap
with the index.rst and license.rst files in the docs/ folder. We
need to use the latter when building the documentation, as Sphinx
requires all included files to be under a common root. However,
the files in the root are currently used by the cgit and Github
viewers.
Using symlinks in Git presents some difficulties so the best
course of action is likely to leave these files but in stub form.
The license.rst file in the root will simply tell the reader to
refer to docs/license.rst.
The readme.rst file will contain a small amount of content that
is derived from the docs/index.rst file, so that the Github main
page will have something valid to show, but it will also contain
a link to the full documentation on ReadTheDocs.
Change-Id: I6dc46f08777e8d7ecb32ca7afc07a28486c9f77a
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Currently links between documents are using the format:
<path/to/><filename>.rst
This was required for services like GitHub because they render each
document in isolation - linking to another document is like linking
to any other file, just provide the full path.
However, with the new approach, the .rst files are only the raw
source for the documents. Once the documents have been rendered
the output is now in another format (HTML in our case) and so,
when linking to another document, the link must point to the
rendered version and not the .rst file.
The RST spec provides a few methods for linking between content.
The parent of this patch enabled the automatic creation of anchors
for document titles - we will use these anchors as the targets for
our links. Additional anchors can be added by hand if needed, on
section and sub-section titles, for example.
An example of this new format, for a document with the title
"Firmware Design" is :ref:`Firmware Design`.
One big advantage of this is that anchors are not dependent on
paths. We can then move documents around, even between directories,
without breaking any links between documents. Links will need to be
updated only if the title of a document changes.
Change-Id: I9e2340a61dd424cbd8fd1ecc2dc166f460d81703
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Add meson-g12a, qemu-sbsa and rpi4 to the documentation index so
that they will have their docs rendered and integrated into the
table of contents.
Change-Id: Id972bf2fee67312dd7bff29f92bea67842e62431
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Coherent I-cache is causing a prefetch violation where when the core
executes an instruction that has recently been modified, the core might
fetch a stale instruction which violates the ordering of instruction
fetches.
The workaround includes an instruction sequence to implementation
defined registers to trap all EL0 IC IVAU instructions to EL3 and a trap
handler to execute a TLB inner-shareable invalidation to an arbitrary
address followed by a DSB.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Ic3b7cbb11cf2eaf9005523ef5578a372593ae4d6
Make the spinlock implementation use ARMv8.1-LSE CAS instruction based
on a platform build option. The CAS-based implementation used to be
unconditionally selected for all ARM8.1+ platforms.
The previous CAS spinlock implementation had a bug wherein the spin_unlock()
implementation had an `sev` after `stlr` which is not sufficient. A dsb is
needed to ensure that the stlr completes prior to the sev. Having a dsb is
heavyweight and a better solution would be to use load exclusive semantics
to monitor the lock and wake up from wfe when a store happens to the lock.
The patch implements the same.
Change-Id: I5283ce4a889376e4cc01d1b9d09afa8229a2e522
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
This patch introduces Qemu SBSA platform.
Both platform specific files where copied from qemu/qemu with changes for
DRAM base above 32bit and removal of ARMv7 conditional defines/code.
Documentation is aligned to rest of SBSA patches along the series and
planed changes in edk2-platform repo.
FixesARM-software/tf-issues#602
Signed-off-by: Radoslaw Biernacki <radoslaw.biernacki@linaro.org>
Change-Id: I8ebc34eedb2268365e479ef05654b2df1b99128c
- Updated Linaro release version number to 19.06
- Updated links to Linaro instructions and releases
- Removed the Linaro old releases link
Signed-off-by: zelalem-aweke <zelalem.aweke@arm.com>
Change-Id: Ib786728106961e89182b42183e7b889f6fc74190
* changes:
amlogic: g12a: Add support for the S905X2 (G12A) platform
amlogic: makefile: Use PLAT variable when possible
amlogic: sha_dma: Move register mappings to platform header