Necessary infrastructure added to integrate fconf framework in BL31 & SP_MIN.
Created few populator() functions which parse HW_CONFIG device tree
and registered them with fconf framework. Many of the changes are
only applicable for fvp platform.
This patch:
1. Adds necessary symbols and sections in BL31, SP_MIN linker script
2. Adds necessary memory map entry for translation in BL31, SP_MIN
3. Creates an abstraction layer for hardware configuration based on
fconf framework
4. Adds necessary changes to build flow (makefiles)
5. Minimal callback to read hw_config dtb for capturing properties
related to GIC(interrupt-controller node)
6. updates the fconf documentation
Change-Id: Ib6292071f674ef093962b9e8ba0d322b7bf919af
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
A populate() function essentially captures the value of a property,
defined by a platform, into a fconf related c structure. Such a
callback is usually platform specific and is associated to a specific
configuration source.
For example, a populate() function which captures the hardware topology
of the platform can only parse HW_CONFIG DTB. Hence each populator
function must be registered with a specific 'config_type' identifier.
It broadly represents a logical grouping of configuration properties
which is usually a device tree source file.
Example:
> TB_FW: properties related to trusted firmware such as IO policies,
base address of other DTBs, mbedtls heap info etc.
> HW_CONFIG: properties related to hardware configuration of the SoC
such as topology, GIC controller, PSCI hooks, CPU ID etc.
This patch modifies FCONF_REGISTER_POPULATOR macro and fconf_populate()
to register and invoke the appropriate callbacks selectively based on
configuration type.
Change-Id: I6f63b1fd7a8729c6c9137d5b63270af1857bb44a
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Shared RAM region in the remote chip's memory is used as one of the
mailbox region (SCMI payload area) through which the AP core on the
local chip and SCP core on the remote chip exchange SCMI protocol
message during the initialization. Mark this region as non-cacheable in
the MMAP entry to prevent local AP core from reading stale data from the
cache.
Change-Id: I7e9dc5fbcc3b40e9bcff5499f15abd2aadaed385
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Since N1SDP has a system level cache which is an
external LLC enable the NEOVERSE_N1_EXTERNAL_LLC flag.
Change-Id: Idb34274e61e7fd9db5485862a0caa497f3e290c7
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>
* changes:
stm32mp1: platform.mk: support generating multiple images in one build
stm32mp1: platform.mk: migrate to implicit rules
stm32mp1: platform.mk: derive map file name from target name
stm32mp1: platform.mk: generate linker script with fixed name
stm32mp1: platform.mk: use PHONY for the appropriate targets
* changes:
Factor xlat_table sections in linker scripts out into a header file
xlat_tables_v2: use ARRAY_SIZE in REGISTER_XLAT_CONTEXT_FULL_SPEC
xlat_tables_v2: merge REGISTER_XLAT_CONTEXT_{FULL_SPEC,RO_BASE_TABLE}
TF-A has so many linker scripts, at least one linker script for each BL
image, and some platforms have their own ones. They duplicate quite
similar code (and comments).
When we add some changes to linker scripts, we end up with touching
so many files. This is not nice in the maintainability perspective.
When you look at Linux kernel, the common code is macrofied in
include/asm-generic/vmlinux.lds.h, which is included from each arch
linker script, arch/*/kernel/vmlinux.lds.S
TF-A can follow this approach. Let's factor out the common code into
include/common/bl_common.ld.h
As a start point, this commit factors out the xlat_table section.
Change-Id: Ifa369e9b48e8e12702535d721cc2a16d12397895
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
With this, it is clearer that .base_table_entries and .tables_num
are the array size of .base_table and .tables, respectively.
Change-Id: I634e65aba835ab9908cc3919355df6bc6e18d42a
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
xlat_tables_v2_helpers.h defines two quite similar macros,
REGISTER_XLAT_CONTEXT_FULL_SPEC and REGISTER_XLAT_CONTEXT_RO_BASE_TABLE.
Only the difference is the section of _ctx_name##_base_xlat_table.
Parameterize it and unify these two macros.
The base xlat table goes into the .bss section by default.
If PLAT_RO_XLAT_TABLES is defined, it goes into the .rodata section.
Change-Id: I8b02f4da98f0c272e348a200cebd89f479099c55
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
* changes:
plat/arm: Pass cookie argument down to arm_get_rotpk_info()
plat/arm: Add support for dualroot CoT
plat/arm: Provide some PROTK files for development
This patch provides separation of GICD, GICR accessor
functions and adds new macros for GICv3 registers access
as a preparation for GICv3.1 and GICv4 support.
NOTE: Platforms need to modify to include both
'gicdv3_helpers.c' and 'gicrv3_helpers.c' instead of the
single helper file previously.
Change-Id: I1641bd6d217d6eb7d1228be3c4177b2d556da60a
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
* changes:
Tegra186: store TZDRAM base/size to scratch registers
Tegra186: add SE support to generate SHA256 of TZRAM
Tegra186: add support for bpmp_ipc driver
Tegra210: disable ERRATA_A57_829520
Tegra194: memctrl: add support for MIU4 and MIU5
Tegra194: memctrl: remove support to reconfigure MSS
Tegra: fiq_glue: remove bakery locks from interrupt handler
Tegra210: SE: add context save support
Tegra210: update the PMC blacklisted registers
Tegra: disable CPUACTLR access from lower exception levels
cpus: denver: fixup register used to store return address
This patch saves the TZDRAM base and size values to secure scratch
registers, for the WB0. The WB0 reads these values and uses them to
verify integrity of the TZDRAM aperture.
Change-Id: Ic70914cb958249f06cb58025a24d13734a85e16e
Signed-off-by: Jeetesh Burman <jburman@nvidia.com>
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
The BL3-1 firmware code is stored in TZSRAM on Tegra186 platforms. This
memory loses power when we enter System Suspend and so its contents are
stored to TZDRAM, before entry. This opens up an attack vector where the
TZDRAM contents might be tampered with when we are in the System Suspend
mode. To mitigate this attack the SE engine calculates the hash of entire
TZSRAM and stores it in PMC scratch, before we copy data to TZDRAM. The
WB0 code will validate the TZDRAM and match the hash with the one in PMC
scratch.
This patch adds driver for the SE engine, with APIs to calculate the hash
and store SE SHA256 hash-result to PMC scratch registers.
Change-Id: Ib487d5629225d3d99bd35d44f0402d6d3cf27ddf
Signed-off-by: Jeetesh Burman <jburman@nvidia.com>
This patch enables the bpmp-ipc driver for Tegra186 platforms,
to ask BPMP firmware to toggle SE clock.
Change-Id: Ie63587346c4d9b7e54767dbee17d0139fa2818ae
Signed-off-by: Jeetesh Burman <jburman@nvidia.com>
ERRATA_A57_829520 disables "indirect branch prediction" for
EL1 on cpu reset, leading to 15% drop in CPU performance
with coremark benchmarks.
Tegra210 already has a hardware fix for ARM BUG#829520,so
this errata is not needed.
This patch disables the errata to get increased performance
numbers.
Change-Id: I0b42e8badd19a8101f6a55d80eb2d953597d3c20
Signed-off-by: Mithun Maragiri <mmaragiri@nvidia.com>
This patch adds support for memqual miu 4,5.
The MEMQUAL engine has miu0 to miu7 in which miu6 and
miu7 is hardwired to bypass SMMU. So only miu0 to miu5
support is provided.
Change-Id: Ib350334eec521e65f395f1c3205e2cdaf464ebea
Signed-off-by: Pravin <pt@nvidia.com>
As bpmp-fw is running at the same time as ATF, and
the mss client reconfiguration sequence involves performing
a hot flush resets on bpmp, there is a chance that bpmp-fw is
trying to perform accesses while the hot flush is active.
Therefore, the mss client reconfigure has been moved to
System Suspend resume fw and bootloader, and it can be
removed from here.
Change-Id: I34019ad12abea9681f5e180af6bc86f2c4c6fc74
Signed-off-by: Stefan Kristiansson <stefank@nvidia.com>
This patch removes usage of bakery_locks from the FIQ handler, as it
creates unnecessary dependency whenever the watchdog timer interrupt
fires. All operations inside the interrupt handler are 'reads', so
no need for serialization.
Change-Id: I3f675e610e4dabc5b1435fdd24bc28e424f5a8e4
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Tegra210B01 SoCs support atomic context save for the two SE
hardware engines. Tegra210 SoCs have support for only one SE
engine and support a software based save/restore mechanism
instead.
This patch updates the SE driver to make this change.
Change-Id: Ia5e5ed75d0fe011f17809684bbc2ed2338925946
Signed-off-by: Harvey Hsieh <hhsieh@nvidia.com>
Update the list to include PMC registers that the NS world cannot
access even with smc calls.
Change-Id: I588179b56ebc0c29200b55e6d61535fd3a7a3b7e
Signed-off-by: kalyani chidambaram <kalyanic@nvidia.com>
This patch resets the macros to update the CPUACTLR_ELx to make
them generic for all exception levels.
Change-Id: I33e9b860efb543934b654a2f5d775135df7f1aa6
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
The denver_enable_dco and denver_disable_dco use register X3 to store
the return address. But X3 gets over-written by other functions,
downstream.
This patch stores the return address to X18 instead, to fix this
anomaly.
Change-Id: Ic40bfc1d9abaa7b90348843b9ecd09521bb4ee7b
Signed-off-by: Kalyani Chidambaram <kalyanic@nvidia.com>
Update qemu documentation with instructions to boot using FIP image.
Also, add option to build TF-A with TBBR and firmware encryption
enabled.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Change-Id: Ib3af485d413cd595352034c82c2268d7f4cb120a
ARM has a weak memory ordering model. This means that without
explicit barriers, memory accesses can be observed differently
than program order. In this case, the cache invalidate instruction
can be observed after the subsequent read to address.
To solve this, a DMB instruction is required between the cache
invalidate and the read. This ensures that the cache invalidate
completes before all memory accesses in program order after the DMB.
This patch updates the 'read_cache_op' macro to issue a DMB after
the cache invalidate instruction to fix this anomaly.
Change-Id: Iac9a90d228c57ba8bcdca7e409ea6719546ab441
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
In CPU resume function, CPU suspend count was printed instead of CPU
resume count.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I0c081dc03a4ccfb2129687f690667c5ceed00a5f
This patch provides a fix for incorrect crash dump data for
lower EL when TF-A is built with HANDLE_EA_EL3_FIRST=1 option
which enables routing of External Aborts and SErrors to EL3.
Change-Id: I9d5e6775e6aad21db5b78362da6c3a3d897df977
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Currently, the ROM region is needlessly too large.
The on-chip SRAM region of the next SoC will start from 0x04000000,
and this will cause the region overlap.
Mapping 0x04000000 for the ROM is enough.
Change-Id: I85ce0bb1120ebff2e3bc7fd13dc0fd15dfff5ff6
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Enable encryption IO layer to be stacked above FIP IO layer for optional
encryption of Bl31 and BL32 images in case ENCRYPT_BL31 or ENCRYPT_BL32
build flag is set.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Change-Id: I24cba64728861e833abffc3d5d9807599c49feb6