Since commit 3bff910dc1 ("Introduce COT
build option"), it is now possible to select a different Chain of Trust
than the TBBR-Client one.
Make a few adjustments in the documentation to reflect that. Also make
some minor improvements (fixing typos, better formatting, ...) along
the way.
Change-Id: I3bbadc441557e1e13311b6fd053fdab6b10b1ba2
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
The TBBR documentation has been written along with an early
implementation of the code. At that time, the range of supported
encryption and hash algorithms was failry limited. Since then, support
for other algorithms has been added in TF-A but the documentation has
not been updated.
Instead of listing them all, which would clutter this document while
still leaving it at risk of going stale in the future, remove specific
references to the original algorithms and point the reader at the
relevant comprehensive document for further details.
Change-Id: I29dc50bc1d53b728091a1fbaa1c3970fb999f7d5
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
To accommodate the increasing size of the SCP_BL2 binary, the base
address of the memory region allocated to SCP_BL2 has been moved
downwards from its current (mostly) arbitrary address to the beginning
of the non-shared trusted SRAM.
Change-Id: I086a3765bf3ea88f45525223d765dc0dbad6b434
Signed-off-by: Chris Kay <chris.kay@arm.com>
Necessary infrastructure added to integrate fconf framework in BL31 & SP_MIN.
Created few populator() functions which parse HW_CONFIG device tree
and registered them with fconf framework. Many of the changes are
only applicable for fvp platform.
This patch:
1. Adds necessary symbols and sections in BL31, SP_MIN linker script
2. Adds necessary memory map entry for translation in BL31, SP_MIN
3. Creates an abstraction layer for hardware configuration based on
fconf framework
4. Adds necessary changes to build flow (makefiles)
5. Minimal callback to read hw_config dtb for capturing properties
related to GIC(interrupt-controller node)
6. updates the fconf documentation
Change-Id: Ib6292071f674ef093962b9e8ba0d322b7bf919af
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Update qemu documentation with instructions to boot using FIP image.
Also, add option to build TF-A with TBBR and firmware encryption
enabled.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Change-Id: Ib3af485d413cd595352034c82c2268d7f4cb120a
This patch provides a fix for incorrect crash dump data for
lower EL when TF-A is built with HANDLE_EA_EL3_FIRST=1 option
which enables routing of External Aborts and SErrors to EL3.
Change-Id: I9d5e6775e6aad21db5b78362da6c3a3d897df977
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Add framework for autheticated decryption of data. Currently this
patch optionally imports mbedtls library as a backend if build option
"DECRYPTION_SUPPORT = aes_gcm" is set to perform authenticated decryption
using AES-GCM algorithm.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Change-Id: I2966f0e79033151012bf4ffc66f484cd949e7271
In commit 516beb585c ("TBB: apply TBBR naming
convention to certificates and extensions"), some of the variables used in the
TBBR chain of trust got renamed but the documentation did not get properly
updated everywhere to reflect these changes.
Change-Id: Ie8e2146882c2d3538c5b8c968d1bdaf5ea2a6e53
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Cortex-A65x4 and Cortex-A65AEx8 is now included in the list of the
supported Arm Fixed Virtual Platforms.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: Ibfcaec11bc75549d60455e96858d79b679e71e5e
The maintainers.rst file lists files and directories that each contributor looks
after in the TF-A source tree. As files and directories move around over time,
some pathnames had become invalid. Fix them, either by updating the path if
it has just moved, or deleting it altogether if it doesn't seem to exist
anymore.
Change-Id: Idb6ff4d8d0b593138d4f555ec206abcf68b0064f
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
It is needed to make it appear in the table of contents. Right now,
all Amlogic documentation pages appear under the "Platform ports"
section, except the AXG one.
Change-Id: Ibcfc3b156888d2a9574953578978b629e185c708
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Till now TF-A allows limited number of external images to be made part
of FIP. With SPM coming along, there may exist multiple SP packages
which need to be inserted into FIP. To achieve this we need a more
scalable approach to feed SP packages to FIP.
This patch introduces changes in build system to generate and add SP
packages into FIP based on information provided by platform.
Platform provides information in form of JSON which contains layout
description of available Secure Partitions.
JSON parser script is invoked by build system early on and generates
a makefile which updates FIP, SPTOOL and FDT arguments which will be
used by build system later on for final packaging.
"SP_LAYOUT_FILE" passed as a build argument and can be outside of TF-A
tree. This option will be used only when SPD=spmd.
For each SP, generated makefile will have following entries
- FDT_SOURCES += sp1.dts
- SPTOOL_ARGS += -i sp1.img:sp1.dtb -o sp1.pkg
- FIP_ARGS += --blob uuid=XXXX-XXX...,file=SP1.pkg
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ib6a9c064400caa3cd825d9886008a3af67741af7
The CPUACTLR_EL1 register on Cortex-A57 CPUs supports a bit to enable
non-cacheable streaming enhancement. Platforms can set this bit only
if their memory system meets the requirement that cache line fill
requests from the Cortex-A57 processor are atomic.
This patch adds support to enable higher performance non-cacheable load
forwarding for such platforms. Platforms must enable this support by
setting the 'A57_ENABLE_NONCACHEABLE_LOAD_FWD' flag from their
makefiles. This flag is disabled by default.
Change-Id: Ib27e55dd68d11a50962c0bbc5b89072208b4bac5
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
When TF-A is built with RESET_TO_BL31=1 option, BL31 is the
first image to be run and should have all the memory allocated
to it except for the memory reserved for Shared RAM at the start
of Trusted SRAM.
This patch fixes FVP BL31 load address and its image size for
RESET_TO_BL31=1 option. BL31 startup address should be set to
0x400_1000 and its maximum image size to the size of Trusted SRAM
minus the first 4KB of shared memory.
Loading BL31 at 0x0402_0000 as it is currently stated in
'\docs\plat\arm\fvp\index.rst' causes EL3 exception when the
image size gets increased (i.e. building with LOG_LEVEL=50)
but doesn't exceed 0x3B000 not causing build error.
Change-Id: Ie450baaf247f1577112f8d143b24e76c39d33e91
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
This patch:
- Add the __COHERENT_RAM_START__ and __COHERENT_RAM_END__ symbols.
- Improve how the symbols are found with a regex.
- Add a build option to revert the memory layout output.
Change-Id: I54ec660261431bc98d78acb0f80e3d95bc5397ac
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
This patch adds information on the PMU configuration registers
and security considerations related to the PMU.
Signed-off-by: Petre-Ionut Tudor <petre-ionut.tudor@arm.com>
Change-Id: I36b15060b9830a77d3f47f293c0a6dafa3c581fb
At the moment, address demangling is only used by the backtrace
functionality. However, at some point, other parts of the TF-A
codebase may want to use it.
The 'demangle_address' function is replaced with a single XPACI
instruction which is also added in 'do_crash_reporting()'.
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Change-Id: I4424dcd54d5bf0a5f9b2a0a84c4e565eec7329ec
Introduce macro 'CSS_SGI_CHIP_COUNT' to allow Arm CSS platforms with
multi-chip support to define number of chiplets on the platform. By
default, this flag is set to 1 and does not affect the existing single
chip platforms.
For multi-chip platforms, override the default value of
CSS_SGI_CHIP_COUNT with the number of chiplets supported on the
platform. As an example, the command below sets the number of chiplets
to two on the RD-N1-Edge multi-chip platform:
export CROSS_COMPILE=<path-to-cross-compiler>
make PLAT=rdn1edge CSS_SGI_CHIP_COUNT=2 ARCH=aarch64 all
Change-Id: If364dc36bd34b30cc356f74b3e97633933e6c8ee
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Use the firmware configuration framework to store the io_policies
information inside the configuration device tree instead of the static
structure in the code base.
The io_policies required by BL1 can't be inside the dtb, as this one is
loaded by BL1, and only available at BL2.
This change currently only applies to FVP platform.
Change-Id: Ic9c1ac3931a4a136aa36f7f58f66d3764c1bfca1
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Enables usage of ARM_ROTPK_LOCATION=regs for FVP board.
Removes hard-coded developer keys. Instead, setting
ARM_ROTPK_LOCATION=devel_* takes keys from default directory.
In case of ROT_KEY specified - generates a new hash and replaces the
original.
Note: Juno board was tested by original feature author and was not tested
for this patch since we don't have access to the private key. Juno
implementation was moved to board-specific file without changing
functionality. It is not known whether byte-swapping is still needed
for this platform.
Change-Id: I0fdbaca0415cdcd78f3a388551c2e478c01ed986
Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
This patch expands the coding style documentation, splitting it
into two documents: the core style rules and extended guidelines.
Note that it does not redefine or change the coding style (aside
from section 4.6.2) - generally, it is only documenting the
existing style in more detail.
The aim is for the coding style to be more readable and, in turn,
for it to be followed by more people. We can use this as a more
concrete reference when discussing the accepted style with external
contributors.
Change-Id: I87405ace9a879d7f81e6b0b91b93ca69535e50ff
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Signed-off-by: Petre-Ionut Tudor <petre-ionut.tudor@arm.com>
BL2 is unconditionally setting 0 (OPTEE_AARCH64) in arg0 even when the
BL32 image is 32bit (OPTEE_AARCH32). This is causing the boot to hang
when ATOS (32bit Amlogic BL32 binary-only TEE OS) is used.
Since we are not aware of any Amlogic platform shipping a 64bit version
of ATOS we can hardcode OPTEE_AARCH32 / MODE_RW_32 when using ATOS.
Signed-off-by: Carlo Caione <ccaione@baylibre.com>
Change-Id: Iaea47cf6dc48bf8a646056761f02fb81b41c78a3
Introduce the preliminary support for the Amlogic A113D (AXG) SoC.
This port is a minimal implementation of BL31 capable of booting
mainline U-Boot, Linux and chainloading BL32 (ATOS).
Tested on a A113D board.
Signed-off-by: Carlo Caione <ccaione@baylibre.com>
Change-Id: Ic4548fa2f7c48d61b485b2a6517ec36c53c20809
Since Sphinx 2.3.0 backquotes are replaced to \textasciigrave{} during
building latexpdf. Using this element in a \sphinxhref{} breaks the
build. In order to avoid this error backquotes must not be used in
external hyperlinks.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: Ie3cf454427e3d5a7b7f9829b42be45aebda7f0dd
The current URL for QEMU_EFI.fd is not found. Update the link to
point to the new one.
If you run the shell command as instructed, you will see this error:
qemu-system-aarch64: keep_bootcon: Could not open 'keep_bootcon': No such file or directory
The part "console=ttyAMA0,38400 keep_bootcon root=/dev/vda2" is the
kernel parameter, so it must be quoted.
As of writing, QEMU v4.2.0 is the latest, but it does not work for
TF-A (It has been fixed in the mainline.) QEMU v4.1.0 works fine.
With those issues addressed, I succeeded in booting the latest kernel.
Tested with QEMU v4.1.0 and Linux 5.5 (defconfig with no modification).
Update the tested versions.
Change-Id: Ic85db0e688d67b1803ff890047d37de3f3db2daa
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Allows to select the chain of trust to use when the Trusted Boot feature
is enabled. This affects both the cert_create tool and the firmware
itself.
Right now, the only available CoT is TBBR.
Change-Id: I7ab54e66508a1416cb3fcd3dfb0f055696763b3d
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Command to build HTML-formatted pages from docs:
make doc
Change-Id: I4103c804b3564fe67d8fc5a3373679daabf3f2e9
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
This patch adds 'calc_hash' function using Mbed TLS library
required for Measured Boot support.
Change-Id: Ifc5aee0162d04db58ec6391e0726a526f29a52bb
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
CPUECTLR_EL1.EXTLLC bit indicates the presense of internal or external
last level cache(LLC) in the system, the reset value is internal LLC.
To cater for the platforms(like N1SDP) which has external LLC present
introduce a new build option 'NEOVERSE_N1_EXTERNAL_LLC' which can be
enabled by platform port.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ibf475fcd6fd44401897a71600f4eafe989921363
This implementation simply mimics that of BL31.
Change-Id: Ibbaa4ca012d38ac211c52b0b3e97449947160e07
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
This implementation simply mimics that of BL31.
I did not implement the ENABLE_PIE support for BL2_IN_XIP_MEM=1 case.
It would make the linker script a bit uglier.
Change-Id: If3215abd99f2758dfb232e44b50320d04eba808b
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
This lets the Linux kernel or any other image which expects an FDT in x0 be
loaded directly as BL33 without a separate bootloader on QEMU.
Signed-off-by: Andrew Walbran <qwandor@google.com>
Change-Id: Ia8eb4710a3d97cdd877af3b8aae36a2de7cfc654
Out of two possible implementation of Secure Partition Manager(SPM)
currently only Management mode (MM) design is supported and the support
for SPM based on SPCI Alpha 1 prototype has been removed.
Earlier both implementation used common build flag "ENABLE_SPM" but it
has since been decoupled and MM uses a separate build FLAG "SPM_MM".
Instructions to build it for FVP was still using "ENABLE_SPM", which has
beend corrected in this patch.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I505b98173d6051816436aa602ced6dbec4efc776
Parse the parameter structure the PLM populates, to populate the
bl32 and bl33 image structures.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: I317072d1086f6cc6f90883c1b8b6d086ff57b443
* changes:
plat: xilinx: Move pm_client.h to common directory
plat: xilinx: versal: Make silicon default build target
xilinx: versal: Wire silicon default setup
versal: Increase OCM memory size for DEBUG builds
plat: xilinx: versal: Dont set IOU switch clock
arm64: versal: Adjust cpu clock for versal virtual
xilinx: versal: Add support for PM_GET_OPERATING_CHARACTERISTIC EEMI call
plat: versal: Add Get_ChipID API
plat: xilinx: versal: Add load Pdi API support
xilinx: versal: Add feature check API
xilinx: versal: Implement set wakeup source for client
plat: xilinx: versal: Add GET_CALLBACK_DATA function
xilinx: versal: Add PSCI APIs for system shutdown & reset
xilinx: versal: Add PSCI APIs for suspend/resume
xilinx: versal: Remove no_pmc ops to ON power domain
xilinx: versal: Add set wakeup source API
xilinx: versal: Add client wakeup API
xilinx: versal: Add query data API
xilinx: versal: Add request wakeup API
xilinx: versal: Add PM_INIT_FINALIZE API for versal
xilinx: versal: Add support of PM_GET_TRUSTZONE_VERSION API
xilinx: versal: enable ipi mailbox service
xilinx: move ipi mailbox svc to xilinx common
plat: xilinx: versal: Implement PM IOCTL API
xilinx: versal: Implement power down/restart related EEMI API
xilinx: versal: Add SMC handler for EEMI API
xilinx: versal: Implement PLL related PM APIs
xilinx: versal: Implement clock related PM APIs
xilinx: versal: Implement pin control related PM APIs
xilinx: versal: Implement reset related PM APIs
xilinx: versal: Implement device related PM APIs
xilinx: versal: Add support for suspend related APIs
xilinx: versal: Add get_api_version support
xilinx: Add support to send PM API to PMC using IPI for versal
plat: xilinx: versal: Move versal_def.h to include directory
plat: xilinx: versal: Move versal_private.h to include directory
plat: xilinx: zynqmp: Use GIC framework for warm restart
Add new flags for storage support that must be used in the build
command line. Add the complete build steps for an OP-TEE configuration.
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Change-Id: I0c682f6eb0aab83aa929f4ba734d3151c264aeed
The LLVM linker replaces the GNU linker as default for the link on Clang
builds. It is possible to override the default linker by setting the LD build
flag.
The patch also updates the TF-A doc.
Change-Id: Ic08552b9994d4fa8f0d4863e67a2726c1dce2e35
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com>
This patch makes default build target as silicon instead of QEMU.
The default can be overwritten by specifying it through build flag
VERSAL_PLATFORM.
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: Ia4cb1df1f206db3e514e8ce969acca875e973ace
It's in fact mandatory. Seen with RPi firmware 1.20190925.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Change-Id: I80739b74f25817294adc52cfd26a3ec59c06f892
This toolchain provides multiple cross compilers and are publicly
available on developer.arm.com
We build TF-A in CI using:
AArch32 bare-metal target (arm-none-eabi)
AArch64 ELF bare-metal target (aarch64-none-elf)
Change-Id: I910200174d5bad985504d1af4a1ae5819b524003
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
NOTE for platform integrators:
API `plat_psci_stat_get_residency()` third argument
`last_cpu_idx` is changed from "signed int" to the
"unsigned int" type.
Issue / Trouble points
1. cpu_idx is used as mix of `unsigned int` and `signed int` in code
with typecasting at some places leading to coverity issues.
2. Underlying platform API's return cpu_idx as `unsigned int`
and comparison is performed with platform specific defines
`PLAFORM_xxx` which is not consistent
Misra Rule 10.4:
The value of a complex expression of integer type may only be cast to
a type that is narrower and of the same signedness as the underlying
type of the expression.
Based on above points, cpu_idx is kept as `unsigned int` to match
the API's and low-level functions and platform defines are updated
where ever required
Signed-off-by: Deepika Bhavnani <deepika.bhavnani@arm.com>
Change-Id: Ib26fd16e420c35527204b126b9b91e8babcc3a5c
Creating a Change Log Template for ALL to update with relevant
new features, changes, fixes and known issues for each upcoming
release of Trusted Firmware-A.
The contents of this file should be added to the collective change log
at the time of release code freeze.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Idfbdcef0d40b10312dc88b6e1cbe31856fda887e
Some platforms are extremely memory constrained and must split BL31
between multiple non-contiguous areas in SRAM. Allow the NOBITS
sections (.bss, stacks, page tables, and coherent memory) to be placed
in a separate region of RAM from the loaded firmware image.
Because the NOBITS region may be at a lower address than the rest of
BL31, __RW_{START,END}__ and __BL31_{START,END}__ cannot include this
region, or el3_entrypoint_common would attempt to invalidate the dcache
for the entire address space. New symbols __NOBITS_{START,END}__ are
added when SEPARATE_NOBITS_REGION is enabled, and the dcached for the
NOBITS region is invalidated separately.
Signed-off-by: Samuel Holland <samuel@sholland.org>
Change-Id: Idedfec5e4dbee77e94f2fdd356e6ae6f4dc79d37
Erratum 1688305 is a Cat B erratum present in r0p0, r0p1 versions
of Hercules core. The erratum can be avoided by setting bit 1 of the
implementation defined register CPUACTLR2_EL1 to 1 to prevent store-
release from being dispatched before it is the oldest.
Change-Id: I2ac04f5d9423868b6cdd4ceb3d0ffa46e570efed
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Before adding any new SPM-related components we should first do
some cleanup around the existing SPM-MM implementation. The aim
is to make sure that any SPM-MM components have names that clearly
indicate that they are MM-related. Otherwise, when adding new SPM
code, it could quickly become confusing as it would be unclear to
which component the code belongs.
The secure_partition.h header is a clear example of this, as the
name is generic so it could easily apply to any SPM-related code,
when it is in fact SPM-MM specific.
This patch renames the file and the two structures defined within
it, and then modifies any references in files that use the header.
Change-Id: I44bd95fab774c358178b3e81262a16da500fda26
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
The Secure Partition Manager (SPM) prototype implementation is
being removed. This is preparatory work for putting in place a
dispatcher component that, in turn, enables partition managers
at S-EL2 / S-EL1.
This patch removes:
- The core service files (std_svc/spm)
- The Resource Descriptor headers (include/services)
- SPRT protocol support and service definitions
- SPCI protocol support and service definitions
Change-Id: Iaade6f6422eaf9a71187b1e2a4dffd7fb8766426
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
There are two different implementations of Secure Partition
management in TF-A. One is based on the "Management Mode" (MM)
design, the other is based on the Secure Partition Client Interface
(SPCI) specification. Currently there is a dependency between their
build flags that shouldn't exist, making further development
harder than it should be. This patch removes that
dependency, making the two flags function independently.
Before: ENABLE_SPM=1 is required for using either implementation.
By default, the SPCI-based implementation is enabled and
this is overridden if SPM_MM=1.
After: ENABLE_SPM=1 enables the SPCI-based implementation.
SPM_MM=1 enables the MM-based implementation.
The two build flags are mutually exclusive.
Note that the name of the ENABLE_SPM flag remains a bit
ambiguous - this will be improved in a subsequent patch. For this
patch the intention was to leave the name as-is so that it is
easier to track the changes that were made.
Change-Id: I8e64ee545d811c7000f27e8dc8ebb977d670608a
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Provide an SMC interface to the 9p filesystem. This permits
accessing firmware drivers through a common interface, using
standardized read/write/control operations.
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I9314662314bb060f6bc02714476574da158b2a7d
Sphinx was showing the following warning message:
docs/getting_started/build-options.rst:200: WARNING: Bullet list ends
without a blank line; unexpected unindent.
Change-Id: Iad5d49c1e0d25dd623ad15bce1af31babf860c03
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-Wpadded warns whenever the C compiler automatically includes any
padding in a structure. Because TF-A has a large number of structures,
this occurs fairly frequently and is incredibly verbose, and as such is
unlikely to ever be fixed.
The utility of this warning is also extremely limited - knowing that a
structure includes padding does not point to the existence of an error,
and is probably quite unlikely to indicate actually buggy behaviour.
Therefore, it's probably best to keep this warning off at all times.
Change-Id: I0797cb75f06b4fea0d2fdc16fd5ad978a31d76ec
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
Add the support needed to enable using CryptoCell integration with
with RSA 3K support.
Signed-off-by: Gilad Ben-Yossef <gilad.benyossef@arm.com>
Change-Id: I95527cb0c41ae012109e8968dd20a4ae9fe67f17
This patch adds the Tegra194 SoC information to the nvidia-tegra.rst
file.
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Change-Id: Id649a5ff1b3f70eeee34b508edb7965e7b7a2454
This patch enables LTO for TF-A when compiled with GCC.
LTO is disabled by default and is enabled by
ENABLE_LTO=1 build option.
LTO is enabled only for aarch64 as there seem to be
a bug in the aarch32 compiler when LTO is enabled.
The changes in the makefiles include:
- Adding -flto and associated flags to enable LTO.
- Using gcc as a wrapper at link time instead of ld.
This is recommended when using LTO as gcc internally
takes care of invoking the necessary plugins for LTO.
- Adding switches to pass options to ld.
- Adding a flag to disable fix for erratum cortex-a53-843419
unless explicitly enabled. This is needed because GCC
seem to automatically add the erratum fix when used
as a wrapper for LD.
Additionally, this patch updates the TF-A user guide with
the new build option.
Signed-off-by: zelalem-aweke <zelalem.aweke@arm.com>
Change-Id: I1188c11974da98434b7dc9344e058cd1eacf5468
The User Guide document has grown organically over time and
now covers a wide range of topics, making it difficult to
skim read and extract information from. Currently, it covers
these topics and maybe a couple more:
- Requirements (hardware, tools, libs)
- Checking out the repo
- Basic build instructions
- A comprehensive list of build flags
- FIP packaging
- Building specifically for Juno
- Firmware update images
- EL3 payloads
- Preloaded BL33 boot flow
- Running on FVPs
- Running on Juno
I have separated these out into a few groups that become new
documents. Broadly speaking, build instructions for the tools,
for TF-A generally, and for specific scenarios are separated.
Content relating to specific platforms (Juno and the FVPs are
Arm-specific platforms, essentially) has been moved into the
documentation that is specific to those platforms, under
docs/plat/arm.
Change-Id: Ica87c52d8cd4f577332be0b0738998ea3ba3bbec
Signed-off-by: Paul Beesley <paul.beesley@arm.com>