This avoids duplicate define of TZC_REGION_NSEC_ALL_ACCESS_RDWR.
And remove the previous TZC400 definitions from stm32mp1_def.h.
Change-Id: I6c72c2a18731f69d855fbce8ce822a21da9364fa
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Add required code to support FCONF on STM32MP1 platform.
The new FW_CONFIG DT file will be inside the FIP, and loaded by BL2.
It will be used to configure the addresses where to load other binaries.
BL2 should be agnostic of which BL32 is in the FIP (OP-TEE or SP_min),
so optee_utils.c is always compiled, and some OP-TEE flags are removed.
Change-Id: Id957b49b0117864136250bfc416664f815043ada
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Instead of using a scratch buffer of 512 bytes, we can directly use the
image address and max size. The mmc_block_dev_spec struct info is then
overwritten for each image with this info, except FW_CONFIG and GPT
table which will still use the scratch buffer.
This allows using multiple blocks read on MMC, and so improves the boot
time.
A cache invalidate is required for the remaining data not used from the
first and last blocks read. It is not required for FW_CONFIG_ID,
as it is in scratch buffer in SYSRAM, and also because bl_mem_params
struct is overwritten in this case. This should also not be done if
the image is not found (OP-TEE extra binaries when using SP_min).
Change-Id: If3ecfdfe35bb9db66284036ca49c4bd1be4fd121
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
BL2 still uses the STM32 header binary format to be loaded from ROM code.
BL32 and BL33 and their respective device tree files are now put together
in a FIP file.
One DTB is created for each BL. To reduce their sizes, 2 new dtsi file are
in charge of removing useless nodes for a given BL. This is done because
BL2 and BL32 share the same device tree files base.
The previous way of booting is still available, the compilation flag
STM32MP_USE_STM32IMAGE has to be set to 1 in the make command. Some files
are duplicated and their names modified with _stm32_ to avoid too much
switches in the code.
Change-Id: I1ffada0af58486d4cf6044511b51e56b52269817
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Protect BL32 (SP_min) with MMU if OP-TEE is not used.
Validate OP-TEE header with optee_header_is_valid().
Use default values in bl2_mem_params_descs[]. They will be overwritten
in bl2_plat_handle_post_image_load() if OP-TEE is used.
Change-Id: I8614f3a17caa827561614d0f25f30ee90c4ec3fe
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Now that the DDR is mapped secured, the security settings (TZC400
firewall) have to be applied at the end of BL2 for the OP-TEE case.
This is required to avoid checskum computation error on U-Boot binary,
for which MMU and TZC400 would not be aligned.
Change-Id: I4a364f7117960e8fae1b579f341b9f140b766ea6
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
In BL2, the DDR can be mapped as secured in MMU, as no other SW
has access to it during its execution.
The TZC400 configuration is also updated to reflect this. When using
OP-TEE, the TZC400 is reconfigured at the end of BL2, to match OP-TEE
mapping. Else, SP_min will be in charge to reconfigure TZC400 to set
DDR non-secure.
Change-Id: Ic5ec614b218f733796feeab1cdc425d28cc7c103
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Add new static functions to factorize code in stm32mp1_security.c.
Change-Id: Ifa5a1aaf7c56c25dba9a0ab8e985496d7cb06990
Signed-off-by: Yann Gautier <yann.gautier@st.com>
The dependency on this macro was added by patch [1]. But the macro
itself was forgotten in the patch.
[1] 128e0b3e2e ("stm32mp1: update rules for stm32image tool")
Change-Id: I49219e1e13828b97b95f404983da33ef4567fe23
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
In stm32mp1_syscfg_disable_io_compensation(), to disable the IO
compensation cell, we have to set the corresponding bit in
SYSCFG_CMPENCLRR register, instead of clearing the bit in SETR register.
Change-Id: I510a50451f8afb9e98c24e1ea84efbf73a39e6b4
Signed-off-by: Yann Gautier <yann.gautier@st.com>
BSEC services should return SMC error codes as other IDs (defined in
stm32mp1_smc.h) and not BSEC driver ones. So that non-secure caller
is able to treat them correctly.
In global SMC handler, unknown ID should also return a value from this
definition list, and not the generic one, which seems not well adapted
for our needs.
Two unsigned values initializations are also changed from 0 to 0U.
Change-Id: Ib6fd3866a748cefad1d13d48f7be38241621023e
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@st.com>
* changes:
refactor(plat/nvidia): use SOC_ID defines
refactor(plat/mediatek): use SOC_ID defines
refactor(plat/arm): use SOC_ID defines
feat(plat/st): implement platform functions for SMCCC_ARCH_SOC_ID
refactor(plat/st): export functions to get SoC information
feat(smccc): add bit definition for SMCCC_ARCH_SOC_ID
Device Tree address is now a parameter for dt_open_and_check() function.
This will allow better flexibility when introducing PIE and FIP.
The fdt pointer is now only assigned if the given address holds
a valid device tree file. This allows removing the fdt_checked variable,
as we now check fdt is not null.
Change-Id: I04cbb2fc05c9c711ae1c77d56368dbeb6dd4b01a
Signed-off-by: Yann Gautier <yann.gautier@st.com>
The boot device is now checked inside a dedicated rule, that is only
called during BL2 compilation step
Change-Id: Ie7bcd1f166285224b0c042238989a82f7b6105c6
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Added a new STM32MP_EMMC_BOOT option, which is used to look for SSBL in
the same eMMC boot partition TF-A booted from at a fixed 256k offset. In
case STM32 image header is not found, the boot process rolls back to a
GPT partition look-up scheme.
Signed-off-by: Vyacheslav Yurkov <uvv.mail@gmail.com>
Change-Id: I85a87dc9ae7f2b915ed8e584be80f4b3588efc48
Three functions are exported to get SoC version, SoC device ID, and SoC
name. Those functions are based on reworked existing static functions.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I1f3949062bb488286a9e7a38ffcd1457953dac56
In order to prepare future support of FIP, BL32 (SP_min) is compiled
as Position Independent Executable.
Change-Id: I15e7cc433fb03e1833002f4fe2eaecb6ed42eb47
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
BL2 size is set to 100kB, and BL32 to 72kB, regardless of OP-TEE
or stack protector flags.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: Id7411bd55a4140718d64a647d81037720615fc81
TZC400 is configured to raise an interrupt in case of faulty access.
Call the new added tzc400_it_handler, in case this interrupt occurs.
Change-Id: Iaf4fa408a8eff99498042e11e2d6177bad39868c
Signed-off-by: Yann Gautier <yann.gautier@st.com>
On STM32MP15, only filters 0 and 1 are used.
Use TZC_400_REGION_ATTR_FILTER_BIT() macro for those 2 filters 0 and 1
instead of U(3).
Change-Id: Ibc61823842ade680f59d5b66b8db59b6a30080e4
Signed-off-by: Yann Gautier <yann.gautier@st.com>
The base address of UART peripheral should be given in R0, not in R1.
Otherwise the console_stm32_core_flush issues an assert message.
This issue was highlighted with recent changes in console flush functions.
Change-Id: Iead01986fdbbf30ad2fd9fa515a1d2b611b4e591
Signed-off-by: Yann Gautier <yann.gautier@st.com>
The board information values, read in an OTP are never negative,
%u is then used instead of %d.
Change-Id: I3bc22401fb4d54666ddf56411f75b79aca738492
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Retrieve peripheral base address from a define instead of
parsing the device tree. The goal is to improve execution time.
Signed-off-by: Pascal Paillet <p.paillet@st.com>
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I2588c53ad3d4abcc3d7fe156458434a7940dd72b
Update the board info with the new coding including the finished good
variant:
Board: MBxxxx Var<CPN>.<FG> Rev.<Rev>-<BOM>
The OTP 59 coding is:
bit [31:16] (hex) => MBxxxx
bit [15:12] (dec) => Variant CPN (1....15)
bit [11:8] (dec) => Revision board (index with A = 1, Z = 26)
bit [7:4] (dec) => Variant FG : finished good (NEW)
bit [3:0] (dec) => BOM (01, .... 255)
Change-Id: I4fbc0c84596419d1bc30d166311444ece1d9123f
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I2b702698d6be93da5ac86da1cbc98b3838315a5a
Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@st.com>
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Update to support new part numbers.
Add new STM32 MPUs Part = STM32MP151F, STM32MP153F, STM32MP157F,
STM32MP151D, STM32MP153D, STM32MP157D
The STM32MP1 series is available in 3 different lines which are pin-to-pin
compatible:
- STM32MP157: Dual Cortex-A7 cores, Cortex-M4 core @ 209 MHz,
3D GPU, DSI display interface and CAN FD
- STM32MP153: Dual Cortex-A7 cores, Cortex-M4 core @ 209 MHz
and CAN FD
- STM32MP151: Single Cortex-A7 core, Cortex-M4 core @ 209 MHz
Each line comes with a security option (cryptography & secure boot)
& a Cortex-A frequency option :
- A Basic + Cortex-A7 @ 650 MHz
- C Secure Boot + HW Crypto + Cortex-A7 @ 650 MHz
- D Basic + Cortex-A7 @ 800 MHz
- F Secure Boot + HW Crypto + Cortex-A7 @ 800 MHz
Remove useless variable in stm32mp_is_single_core().
Change-Id: Id30c836af986c6340c91efa8a7ae9480a2827089
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Add a new revision of STM32MP15x CPU (Rev.Z).
Change-Id: I227dd6d9b3fcc43270015cfb21f60aeb0a8ab658
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Signed-off-by: Yann Gautier <yann.gautier@st.com>
And from crash_console_flush.
We ignore the error information return by console_flush in _every_
place where we call it, and casting the return type to void does not
work around the MISRA violation that this causes. Instead, we collect
the error information from the driver (to avoid changing that API), and
don't return it to the caller.
Change-Id: I1e35afe01764d5c8f0efd04f8949d333ffb688c1
Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
Remove some useless extra tabs or spaces.
Replace some spaces with tabs.
Change-Id: I0e8e2a1a1be7a1109ba7f3e3ae35e3fe1b5b4552
Signed-off-by: Yann Gautier <yann.gautier@st.com>
In heavy parallel builds, it has sometimes been seen issues with the
tool not generated before it was needed. Change some rules order and
dependency to solve that.
Change-Id: I8f4b4f46a2ea0fe496bc66bca47c66d1c81d3c99
Signed-off-by: Yann Gautier <yann.gautier@st.com>
There were fixed values when computing PLAT_PARTITION_MAX_ENTRIES.
Use STM32_BL33_PARTS_NUM and STM32_RUNTIME_PARTS_NUM. The first one is
for the number of copies of BL33. The second one depends on the use case
SP_min or OP-TEE. For OP-TEE, there are 3 partitions. For SP_min, as it
is in the same binary as BL2, it is set to 0. It will be set to 1 if
BL32 is in a separate binary.
Change-Id: Iba4d8ec5fbc713bebfbdcd9f9426c3fded20d3ad
Signed-off-by: Yann Gautier <yann.gautier@st.com>
First put Makefile variables definition, then definitions for each feature,
then C flags, then source files, then compilation rules.
Change-Id: I238115ea2fe4ebafccd2135979814c27932c34e2
Signed-off-by: Yann Gautier <yann.gautier@st.com>
To simplify the rule that creates the concatenated binary, use ASFLAGS
instead of adding all paths in the AS command line. This allows a better
management if a binary is not present.
Change-Id: Ic8b4566e7dedc6f55be355a92e3b214cef138d9b
Signed-off-by: Yann Gautier <yann.gautier@st.com>
The previous proprietary version was not correctly handling dependencies.
Using MAKE_LD from make_helpers files now correctly handles that.
The generated linker script is the same as before.
Change-Id: Iccfd8dc3fffa7a33e73b184b72e0dfd5d26bc9c9
Signed-off-by: Yann Gautier <yann.gautier@st.com>
There is one dtsi file per SoC version:
- STM32MP151: common part for all version, Single Cortex-A7
- STM32MP153: Dual Cortex-A7
- STM32MP157: + GPU and DSI, but not needed for TF-A
The STM32MP15xC include a cryptography peripheral, add it in a dedicated
file.
There are 4 packages available, for which the IOs number change. Have one
file for each package. The 2 packages AB and AD are added.
STM32157A-DK1 and STM32MP157C-DK2 share most of their features, a common
dkx file is then created.
Some reordering is done in other files, and realign with kernel DT files.
The DDR files are generated with our internal tool, no changes in the
registers values.
Change-Id: I9f2ef00306310abe34b94c2f10fc7a77a10493d1
Signed-off-by: Yann Gautier <yann.gautier@st.com>
If GPIO port for UART TX is less than 8, the register GPIO_AFRL should
be used to set the alternate. GPIO_AFRH is used if GPIO port is greater
or equal to 8. The macro GPIO_TX_ALT_SHIFT is removed and the GPIO port
number is tested against GPIO_ALT_LOWER_LIMIT (=8) in
plat_crash_console_init() function.
Change-Id: Ibb62223ed6bce589bbcab59a5e986b2677e6d118
Signed-off-by: Yann Gautier <yann.gautier@st.com>
The STM32MP1 implementation of this function will call
plat_report_exception(). It displays more information about the panic
if DEBUG is enabled.
The LR register is also filled with R6 content, which hold the faulty
address. This allows debugger to reconstruct the backtrace.
Change-Id: I6710e8e2ab6658b05c5bbad2f3c545f07f355afb
Signed-off-by: Yann Gautier <yann.gautier@st.com>
In case DEBUG is enabled, plat_report_exception will now display extra
information of the cause of the exception.
Change-Id: I72cc9d180959cbf31c13821dd051eaf4462b733e
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Loop macros make it easier for developers to include new variables to
assert or define and also help code code readability on makefiles.
Change-Id: I0d21d6e67b3eca8976c4d856ac8ccc02c8bb5ffa
Signed-off-by: Leonardo Sandoval <leonardo.sandoval@linaro.org>
Include the GICv2 makefile in STM32MP1 SP_min makefile, and use
${GICV2_SOURCES} instead of taking drivers/arm/gic files directly.
Change-Id: Ibcaed5b0bd17f6d8cf200e208c11cc10cd6d2ee5
Signed-off-by: Yann Gautier <yann.gautier@st.com>
This change implements platform services for stm32mp1 to expose clock
and reset controllers over SCMI clock and reset domain protocols
in sp_min firmware.
Requests execution use a fastcall SMC context using a SiP function ID.
The setup allows the create SCMI channels by assigning a specific
SiP SMC function ID for each channel/agent identifier defined. In this
change, stm32mp1 exposes a single channel and hence expects single
agent at a time.
The input payload in copied in secure memory before the message
in passed through the SCMI server drivers. BL32/sp_min is invoked
for a single SCMI message processing and always returns with a
synchronous response message passed back to the caller agent.
This change fixes and updates STM32_COMMON_SIP_NUM_CALLS that was
previously wrongly set 4 whereas only 1 SiP SMC function ID was to
be counted. STM32_COMMON_SIP_NUM_CALLS is now set to 3 since the
2 added SiP SMC function IDs for SCMI services.
Change-Id: Icb428775856b9aec00538172aea4cf11e609b033
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>