Commit Graph

132 Commits

Author SHA1 Message Date
Balint Dobszay 46789a7c71 build(bl2): enable SP pkg loading for S-EL1 SPMC
Currently the SP package loading mechanism is only enabled when S-EL2
SPMC is selected. Remove this limitation.

Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Change-Id: I5bf5a32248e85a26d0345cacff7d539eed824cfc
2021-09-28 16:44:58 +02:00
Manish V Badarkhe c885d5c84d refactor(hw_crc32): renamed hw_crc32 to tf_crc32
Renamed hw_crc32 to tf_crc32 to make the file and function
name more generic so that the same name can be used in upcoming
software CRC32 implementation.

Change-Id: Idff8f70c50ca700a4328a27b49d5e1f14d2095eb
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
2021-08-02 17:15:41 +01:00
Manish V Badarkhe 2f1177b2b9 feat(plat/arm): add FWU support in Arm platforms
Added firmware update support in Arm platforms by using
FWU platform hooks and compiling FWU driver in BL2
component.

Change-Id: I71af06c09d95c2c58e3fd766c4a61c5652637151
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
2021-08-02 17:15:40 +01:00
Abdellatif El Khlifi bf3ce99371 feat: adding the diphda platform
This commit enables trusted-firmware-a with Trusted Board Boot support
for the Diphda 64-bit platform.

Diphda uses a FIP image located in the flash. The FIP contains the
following components:

- BL2
- BL31
- BL32
- BL32 SPMC manifest
- BL33
- The TBB certificates

The board boot relies on CoT (chain of trust). The trusted-firmware-a
BL2 is extracted from the FIP and verified by the Secure Enclave
processor. BL2 verification relies on the signature area at the
beginning of the BL2 image. This area is needed by the SecureEnclave
bootloader.

Then, the application processor is released from reset and starts by
executing BL2.

BL2 performs the actions described in the trusted-firmware-a TBB design
document.

Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Change-Id: Iddb1cb9c2a0324a9635e23821c210ac81dfc305d
2021-07-22 18:01:39 +01:00
Manish Pandey 7285fd5f9a feat(plat/arm): enable PIE when RESET_TO_SP_MIN=1
For Arm platforms PIE is enabled when RESET_TO_BL31=1 in aarch64 mode on
the similar lines enable PIE when RESET_TO_SP_MIN=1 in aarch32 mode.
The underlying changes for enabling PIE in aarch32 is submitted in
commit 4324a14bf

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ib8bb860198b3f97cdc91005503a3184d63e15469
2021-06-29 11:59:01 +01:00
Manish V Badarkhe a1cedadf73 feat(hw_crc): add support for HW computed CRC
Added support for HW computed CRC using Arm ACLE intrinsics.
These are built-in intrinsics available for ARMv8.1-A, and
onwards.
These intrinsics are enabled via '-march=armv8-a+crc' compile
switch for ARMv8-A (supports CRC instructions optionally).

HW CRC support is enabled unconditionally in BL2 for all Arm
platforms.

HW CRC calculation is verified offline to ensure a similar
result as its respective ZLib utility function.

HW CRC calculation support will be used in the upcoming
firmware update patches.

Change-Id: Ia2ae801f62d2003e89a9c3e6d77469b5312614b3
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
2021-05-19 19:34:34 +01:00
Olivier Deprez 6794378d2e Merge changes from topic "fw-update" into integration
* changes:
  docs: add build options for GPT support enablement
  feat(plat/arm): add GPT parser support
2021-04-29 14:49:10 +02:00
Manish V Badarkhe ef1daa420f feat(plat/arm): add GPT parser support
Added GPT parser support in BL2 for Arm platforms to get the entry
address and length of the FIP in the GPT image.

Also, increased BL2 maximum size for FVP platform to successfully
compile ROM-enabled build with this change.

Verified this change using a patch:
https://review.trustedfirmware.org/c/ci/tf-a-ci-scripts/+/9654

Change-Id: Ie8026db054966653b739a82d9ba106d283f534d0
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
2021-04-29 10:11:06 +01:00
David Horstmann 7d111d99c6 refactor(plat/arm): store UUID as a string, rather than ints
NOTE: Breaking change to the way UUIDs are stored in the DT

Currently, UUIDs are stored in the device tree as
sequences of 4 integers. There is a mismatch in endianness
between the way UUIDs are represented in memory and the way
they are parsed from the device tree. As a result, we must either
store the UUIDs in little-endian format in the DT (which means
that they do not match up with their string representations)
or perform endianness conversion after parsing them.

Currently, TF-A chooses the second option, with unwieldy
endianness-conversion taking place after reading a UUID.

To fix this problem, and to make it convenient to copy and
paste UUIDs from other tools, change to store UUIDs in string
format, using a new wrapper function to parse them from the
device tree.

Change-Id: I38bd63c907be14e412f03ef0aab9dcabfba0eaa0
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2021-04-28 12:13:58 +01:00
Mikael Olsson 76a21174d2 Add SiP service to configure Arm Ethos-N NPU
By default the Arm Ethos-N NPU will boot up in secure mode. In this mode
the non-secure world cannot access the registers needed to use the NPU.
To still allow the non-secure world to use the NPU, a SiP service has
been added that can delegate non-secure access to the registers needed
to use it.

Only the HW_CONFIG for the Arm Juno platform has been updated to include
the device tree for the NPU and the platform currently only loads the
HW_CONFIG in AArch64 builds.

Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I65dfd864042ed43faae0a259dcf319cbadb5f3d2
2021-04-20 15:42:18 +02:00
Andre Przywara e27340a74d plat/arm: Remove ARM_LINUX_KERNEL_AS_BL33 relying on RESET_TO_BL31
So far the ARM platform Makefile would require that RESET_TO_BL31 is set
when we ask for the ARM_LINUX_KERNEL_AS_BL33 feature.
There is no real technical reason for that, and the one place in the
code where this was needed has been fixed.

Remove the requirement of those two options to be always enabled
together.
This enables the direct kernel boot feature for the Foundation FVP
(as described in the documentation), which requires a BL1/FIP
combination to boot, so cannot use RESET_TO_BL31.

Change-Id: I6814797b6431b6614d684bab3c5830bfd9481851
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
2021-02-09 13:47:47 +00:00
Olivier Deprez 21023273c9 Merge "plat/arm: Introduce and use libc_asm.mk makefile" into integration 2020-09-24 14:39:24 +00:00
Manish Pandey 101daafd6b Merge changes from topic "ehf_common" into integration
* changes:
  plat: tegra: Use generic ehf defines
  ehf: use common priority level enumuration
2020-09-18 14:20:02 +00:00
Manish V Badarkhe 28e9a55fc8 lib: fconf: Implement a parser to populate CoT
Implemented a parser which populates the properties of
the CoT descriptors as per the binding document [1].
'COT_DESC_IN_DTB' build option is disabled by default and can
be enabled in future for all Arm platforms by making necessary
changes in the memory map.
Currently, this parser is tested only for FVP platform.

[1]:
https://trustedfirmware-a.readthedocs.io/en/latest/components/cot-binding.html

Change-Id: I2f911206087a1a2942aa728de151d2ac269d27cc
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
2020-09-15 16:13:26 +01:00
Alexei Fedorov e3f2b1a932 plat/arm: Introduce and use libc_asm.mk makefile
Trace analysis of FVP_Base_AEMv8A 0.0/6063 model
running in Aarch32 mode with the build options
listed below:
TRUSTED_BOARD_BOOT=1 GENERATE_COT=1
ARM_ROTPK_LOCATION=devel_ecdsa KEY_ALG=ecdsa
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_ecdsa.pem
shows that when auth_signature() gets called
71.99% of CPU execution time is spent in memset() function
written in C using single byte write operations,
see lib\libc\memset.c.
This patch introduces new libc_asm.mk makefile which
replaces C memset() implementation with assembler
version giving the following results:
- for Aarch32 in auth_signature() call memset() CPU time
reduced to 20.56%.
The number of CPU instructions (Inst) executed during
TF-A boot stage before start of BL33 in RELEASE builds
for different versions is presented in the tables below,
where:
- C TF-A: existing TF-A C code;
- C musl: "lightweight code" C "implementation of the
  standard library for Linux-based systems"
https://git.musl-libc.org/cgit/musl/tree/src/string/memset.c
- Asm Opt: assemler version from "Arm Optimized Routines"
  project
https://github.com/ARM-software/optimized-routines/blob/
master/string/arm/memset.S
- Asm Linux: assembler version from Linux kernel
https://github.com/torvalds/linux/blob/master/arch/arm/lib/memset.S
- Asm TF-A: assembler version from this patch

Aarch32:
+-----------+------+------+--------------+----------+
| Variant   | Set  | Size |    Inst 	 |  Ratio   |
+-----------+------+------+--------------+----------+
| C TF-A    | T32  | 16   | 2122110003   | 1.000000 |
| C musl    | T32  | 156  | 1643917668   | 0.774662 |
| Asm Opt   | T32  | 84   | 1604810003   | 0.756233 |
| Asm Linux | A32  | 168  | 1566255018   | 0.738065 |
| Asm TF-A  | A32  | 160  | 1525865101   | 0.719032 |
+-----------+------+------+--------------+----------+

AArch64:
+-----------+------+------------+----------+
| Variant   | Size |    Inst    |  Ratio   |
+-----------+------+------------+----------+
| C TF-A    | 28   | 2732497518 | 1.000000 |
| C musl    | 212  | 1802999999 | 0.659836 |
| Asm TF-A  | 140  | 1680260003 | 0.614917 |
+-----------+------+------------+----------+

This patch modifies 'plat\arm\common\arm_common.mk'
by overriding libc.mk makefile with libc_asm.mk and
does not effect other platforms.

Change-Id: Ie89dd0b74ba1079420733a0d76b7366ad0157c2e
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
2020-09-02 16:21:34 +00:00
Sandeep Tripathy 262aceaac4 ehf: use common priority level enumuration
'EHF' is used by RAS, SDEI, SPM_MM common frameworks.
If platform needs to plug-in specific handlers then
'PLAT_EHF_DESC' can be used to populate platform specific
priority levels.

Signed-off-by: Sandeep Tripathy <sandeep.tripathy@broadcom.com>
Change-Id: I37af7e0e48111f87b6982604bf5c15db3e05755d
2020-08-26 22:02:23 +05:30
Alexei Fedorov d686fa3b97 TF-A: Add Event Log for Measured Boot
This patch adds support for Event Log generation required
for Measured Boot functionality.

Change-Id: I34f05a33565e6659e78499d62cc6fb00b7d6c2dc
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
2020-07-21 20:33:15 +00:00
Manish V Badarkhe b58956e976 Fix the build error for dualroot chain of trust.
Fixed build error for dualroot chain of trust.
Build error were thrown as below while compiling the code for
dualroot chain of trust:

aarch64-none-elf-ld.bfd: ./build/fvp/debug/bl1/tbbr_cot_bl1.o:
(.bss.auth_img_flags+0x0): multiple definition of `auth_img_flags';
./build/fvp/debug/bl1/cot.o:(.bss.auth_img_flags+0x0): first defined here

aarch64-none-elf-ld.bfd: ./build/fvp/debug/bl1/tbbr_cot_bl1.o:
(.rodata.cot_desc_size+0x0): multiple definition of `cot_desc_size';
./build/fvp/debug/bl1/cot.o:(.rodata.cot_desc_size+0x0): first defined here

aarch64-none-elf-ld.bfd: ./build/fvp/debug/bl1/tbbr_cot_bl1.o:
(.rodata.cot_desc_ptr+0x0): multiple definition of `cot_desc_ptr';
./build/fvp/debug/bl1/cot.o:(.rodata.cot_desc_ptr+0x0): first defined here


Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I1a426c4e7f5f8013d71dafc176c7467c1b329757
2020-05-27 09:24:53 +00:00
Manish V Badarkhe ad43c49ee3 Cleanup the code for TBBR CoT descriptors
CoT used for BL1 and BL2 are moved to tbbr_cot_bl1.c
and tbbr_cot_bl2.c respectively.
Common CoT used across BL1 and BL2 are moved to
tbbr_cot_common.c.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I2252ac8a6960b3431bcaafdb3ea4fb2d01b79cf5
2020-05-19 05:05:19 +01:00
Balint Dobszay cbf9e84a19 plat/arm/fvp: Support performing SDEI platform setup in runtime
This patch introduces dynamic configuration for SDEI setup and is supported
when the new build flag SDEI_IN_FCONF is enabled. Instead of using C arrays
and processing the configuration at compile time, the config is moved to
dts files. It will be retrieved at runtime during SDEI init, using the fconf
layer.

Change-Id: If5c35a7517ba00a9f258d7f3e7c8c20cee169a31
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Co-authored-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
2020-05-15 10:05:06 -05:00
Mark Dykes ce8dfd2884 Merge "fconf: Clean Arm IO" into integration 2020-03-24 18:14:24 +00:00
Olivier Deprez c33ff1985e spmd: skip loading of secure partitions on pre-v8.4 platforms
When SPD=spmd and SPMD_SPM_AT_SEL2=0, that is SPMC sits at S-EL1
then there is no need for TF-A to load secure partitions individually.
In this configuration, SPMC handles secure partition loading at
S-EL1/EL0 levels.

Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I06a0d88a4811274a8c347ce57b56bb5f64e345df
2020-03-23 19:30:48 +00:00
Louis Mayencourt a6de824f7e fconf: Clean Arm IO
Merge the previously introduced arm_fconf_io_storage into arm_io_storage. This
removes the duplicate io_policies and functions definition.

This patch:
- replace arm_io_storage.c with the content of arm_fconf_io_storage.c
- rename the USE_FCONF_BASED_IO option into ARM_IO_IN_DTB.
- use the ARM_IO_IN_DTB option to compile out io_policies moved in dtb.
- propagate DEFINES when parsing dts.
- use ARM_IO_IN_DTB to include or not uuid nodes in fw_config dtb.
- set the ARM_IO_IN_DTB to 0 by default for fvp. This ensure that the behavior
  of fvp stays the same as it was before the introduction of fconf.

Change-Id: Ia774a96d1d3a2bccad29f7ce2e2b4c21b26c080e
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
2020-03-16 11:49:19 +00:00
Mark Dykes f09852c97b Merge changes from topic "sb/dualroot" into integration
* changes:
  plat/arm: Pass cookie argument down to arm_get_rotpk_info()
  plat/arm: Add support for dualroot CoT
  plat/arm: Provide some PROTK files for development
2020-03-10 18:34:56 +00:00
Olivier Deprez 7cd64d19c9 fconf: Add Secure Partitions information as property
Use the firmware configuration framework to retrieve information about
Secure Partitions to facilitate loading them into memory.

To load a SP image we need UUID look-up into FIP and the load address
where it needs to be loaded in memory.

This patch introduces a SP populator function which gets UUID and load
address from firmware config device tree and updates its C data
structure.

Change-Id: I17faec41803df9a76712dcc8b67cadb1c9daf8cd
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
2020-03-03 10:59:17 +00:00
Sandrine Bailleux 1035a70625 plat/arm: Add support for dualroot CoT
- Use the development PROTPK if using the dualroot CoT.

  Note that unlike the ROTPK, the PROTPK key hash file is not generated
  from the key file, instead it has to be provided. This might be
  enhanced in the future.

- Define a CoT build flag for the platform code to provide different
  implementations where needed.

Change-Id: Iaaf25183b94e77a99a5d8d875831d90c102a97ea
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
2020-02-24 11:01:44 +01:00
Sandrine Bailleux 21c4f56fa7 Merge changes from topic "lm/fconf" into integration
* changes:
  arm-io: Panic in case of io setup failure
  MISRA fix: Use boolean essential type
  fconf: Add documentation
  fconf: Move platform io policies into fconf
  fconf: Add mbedtls shared heap as property
  fconf: Add TBBR disable_authentication property
  fconf: Add dynamic config DTBs info as property
  fconf: Populate properties from dtb during bl2 setup
  fconf: Load config dtb from bl1
  fconf: initial commit
2020-02-11 16:15:45 +00:00
Achin Gupta c3fb00d93e SPMD: enable SPM dispatcher support
This patch adds support to the build system to include support for the SPM
dispatcher when the SPD configuration option is spmd.

Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Change-Id: Ic1ae50ecd7403fcbcf1d318abdbd6ebdc642f732
2020-02-10 14:09:21 +00:00
Louis Mayencourt 0a6e7e3b76 fconf: Move platform io policies into fconf
Use the firmware configuration framework to store the io_policies
information inside the configuration device tree instead of the static
structure in the code base.

The io_policies required by BL1 can't be inside the dtb, as this one is
loaded by BL1, and only available at BL2.

This change currently only applies to FVP platform.

Change-Id: Ic9c1ac3931a4a136aa36f7f58f66d3764c1bfca1
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
2020-02-07 13:51:32 +00:00
Louis Mayencourt ce8528411a fconf: Add TBBR disable_authentication property
Use fconf to retrieve the `disable_authentication` property.
Move this access from arm dynamic configuration to bl common.

Change-Id: Ibf184a5c6245d04839222f5457cf5e651f252b86
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
2020-02-07 13:51:32 +00:00
Louis Mayencourt ab1981db9e fconf: initial commit
Introduce the Firmware CONfiguration Framework (fconf).

The fconf is an abstraction layer for platform specific data, allowing
a "property" to be queried and a value retrieved without the requesting
entity knowing what backing store is being used to hold the data.

The default backing store used is C structure. If another backing store
has to be used, the platform integrator needs to provide a "populate()"
function to fill the corresponding C structure.
The "populate()" function must be registered to the fconf framework with
the "FCONF_REGISTER_POPULATOR()". This ensures that the function would
be called inside the "fconf_populate()" function.

A two level macro is used as getter:
- the first macro takes 3 parameters and converts it to a function
  call: FCONF_GET_PROPERTY(a,b,c) -> a__b_getter(c).
- the second level defines a__b_getter(c) to the matching C structure,
  variable, array, function, etc..

Ex: Get a Chain of trust property:
    1) FCONF_GET_PROPERY(tbbr, cot, BL2_id) -> tbbr__cot_getter(BL2_id)
    2) tbbr__cot_getter(BL2_id) -> cot_desc_ptr[BL2_id]

Change-Id: Id394001353ed295bc680c3f543af0cf8da549469
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
2020-02-07 13:29:09 +00:00
Sandrine Bailleux 9eac8e958e Merge changes from topic "mp/separate_nobits" into integration
* changes:
  plat/arm: Add support for SEPARATE_NOBITS_REGION
  Changes necessary to support SEPARATE_NOBITS_REGION feature
2020-02-04 16:37:09 +00:00
Sandrine Bailleux 3bff910dc1 Introduce COT build option
Allows to select the chain of trust to use when the Trusted Boot feature
is enabled. This affects both the cert_create tool and the firmware
itself.

Right now, the only available CoT is TBBR.

Change-Id: I7ab54e66508a1416cb3fcd3dfb0f055696763b3d
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
2020-01-29 14:00:33 +01:00
Madhukar Pappireddy 0c1f197aa1 plat/arm: Add support for SEPARATE_NOBITS_REGION
In order to support SEPARATE_NOBITS_REGION for Arm platforms, we need to load
BL31 PROGBITS into secure DRAM space and BL31 NOBITS into SRAM. Hence mandate
the build to require that ARM_BL31_IN_DRAM is enabled as well.

Naturally with SEPARATE_NOBITS_REGION enabled, the BL31 initialization code
cannot be reclaimed to be used for runtime data such as secondary cpu stacks.

Memory map for BL31 NOBITS region also has to be created.

Change-Id: Ibbc8c9499a32e63fd0957a6e254608fbf6fa90c9
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
2020-01-27 15:38:43 -06:00
Mark Dykes 3c6ec8f122 Revert "plat/arm: Add support for SEPARATE_NOBITS_REGION"
This reverts commit d433bbdd45.

Change-Id: I46c69dce704a1ce1b50452dd4d62425c4a67f7f0
2020-01-23 16:09:05 +00:00
Madhukar Pappireddy d433bbdd45 plat/arm: Add support for SEPARATE_NOBITS_REGION
In order to support SEPARATE_NOBITS_REGION for Arm platforms, we need to load
BL31 PROGBITS into secure DRAM space and BL31 NOBITS into SRAM. Hence mandate
the build to require that ARM_BL31_IN_DRAM is enabled as well.

Naturally with SEPARATE_NOBITS_REGION enabled, the BL31 initialization code
cannot be reclaimed to be used for runtime data such as secondary cpu stacks.

Memory map for BL31 NOBITS region also has to be created.

Change-Id: Ibd480f82c1dc74e9cbb54eec07d7a8fecbf25433
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
2020-01-21 20:12:05 -06:00
Paul Beesley 538b002046 spm: Remove SPM Alpha 1 prototype and support files
The Secure Partition Manager (SPM) prototype implementation is
being removed. This is preparatory work for putting in place a
dispatcher component that, in turn, enables partition managers
at S-EL2 / S-EL1.

This patch removes:

- The core service files (std_svc/spm)
- The Resource Descriptor headers (include/services)
- SPRT protocol support and service definitions
- SPCI protocol support and service definitions

Change-Id: Iaade6f6422eaf9a71187b1e2a4dffd7fb8766426
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
2019-12-20 16:03:32 +00:00
Paul Beesley 3f3c341ae5 Remove dependency between SPM_MM and ENABLE_SPM build flags
There are two different implementations of Secure Partition
management in TF-A. One is based on the "Management Mode" (MM)
design, the other is based on the Secure Partition Client Interface
(SPCI) specification. Currently there is a dependency between their
build flags that shouldn't exist, making further development
harder than it should be. This patch removes that
dependency, making the two flags function independently.

Before: ENABLE_SPM=1 is required for using either implementation.
        By default, the SPCI-based implementation is enabled and
        this is overridden if SPM_MM=1.

After: ENABLE_SPM=1 enables the SPCI-based implementation.
       SPM_MM=1 enables the MM-based implementation.
       The two build flags are mutually exclusive.

Note that the name of the ENABLE_SPM flag remains a bit
ambiguous - this will be improved in a subsequent patch. For this
patch the intention was to leave the name as-is so that it is
easier to track the changes that were made.

Change-Id: I8e64ee545d811c7000f27e8dc8ebb977d670608a
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
2019-12-20 16:03:02 +00:00
Bence Szépkúti 0531ada537 pmf: Make the runtime instrumentation work on AArch32
Ported the pmf asm macros and the asm code in the bl31 entrypoint
necessary for the instrumentation to AArch32.

Since smc dispatch is handled by the bl32 payload on AArch32, we
provide this service only if AARCH32_SP=sp_min is set.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Change-Id: Id33b7e9762ae86a4f4b40d7f1b37a90e5130c8ac
2019-12-17 16:08:04 +01:00
Bence Szépkúti 9d7251918d SiP: Don't validate entrypoint if state switch is impossible
Switching execution states is only possible if EL3 is AArch64.
As such there is no need to validate the entrypoint on AArch32 builds.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Change-Id: I3c1eb25b5df296a492870641d274bf65213c6608
2019-12-17 16:04:09 +01:00
Manish Pandey 133a5c6802 plat/arm: Re-enable PIE when RESET_TO_BL31=1
Earlier PIE support was enabled for all arm platforms when
RESET_TO_BL31=1, but later on it was restricted only to FVP with patch
SHA d4580d17 because of n1sdp platform.

Now it has been verified that PIE does work for n1sdp platform also, so
enabling it again for all arm platforms.

Change-Id: I05ad4f1775ef72e7cb578ec9245cde3fbce971a5
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
2019-11-07 10:23:15 +00:00
Alexei Fedorov ed108b5605 Refactor ARMv8.3 Pointer Authentication support code
This patch provides the following features and makes modifications
listed below:
- Individual APIAKey key generation for each CPU.
- New key generation on every BL31 warm boot and TSP CPU On event.
- Per-CPU storage of APIAKey added in percpu_data[]
  of cpu_data structure.
- `plat_init_apiakey()` function replaced with `plat_init_apkey()`
  which returns 128-bit value and uses Generic timer physical counter
  value to increase the randomness of the generated key.
  The new function can be used for generation of all ARMv8.3-PAuth keys
- ARMv8.3-PAuth specific code placed in `lib\extensions\pauth`.
- New `pauth_init_enable_el1()` and `pauth_init_enable_el3()` functions
  generate, program and enable APIAKey_EL1 for EL1 and EL3 respectively;
  pauth_disable_el1()` and `pauth_disable_el3()` functions disable
  PAuth for EL1 and EL3 respectively;
  `pauth_load_bl31_apiakey()` loads saved per-CPU APIAKey_EL1 from
  cpu-data structure.
- Combined `save_gp_pauth_registers()` function replaces calls to
  `save_gp_registers()` and `pauth_context_save()`;
  `restore_gp_pauth_registers()` replaces `pauth_context_restore()`
  and `restore_gp_registers()` calls.
- `restore_gp_registers_eret()` function removed with corresponding
  code placed in `el3_exit()`.
- Fixed the issue when `pauth_t pauth_ctx` structure allocated space
  for 12 uint64_t PAuth registers instead of 10 by removal of macro
  CTX_PACGAKEY_END from `include/lib/el3_runtime/aarch64/context.h`
  and assigning its value to CTX_PAUTH_REGS_END.
- Use of MODE_SP_ELX and MODE_SP_EL0 macro definitions
  in `msr	spsel`  instruction instead of hard-coded values.
- Changes in documentation related to ARMv8.3-PAuth and ARMv8.5-BTI.

Change-Id: Id18b81cc46f52a783a7e6a09b9f149b6ce803211
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
2019-09-13 14:11:59 +01:00
Ambroise Vincent 5b6ebeec9c Remove MULTI_CONSOLE_API flag and references to it
The new API becomes the default one.

Change-Id: Ic1d602da3dff4f4ebbcc158b885295c902a24fec
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
2019-06-28 10:52:48 +01:00
Aditya Angadi b0c97dafe0 plat/arm: introduce wrapper functions to setup secure watchdog
The BL1 stage setup code for ARM platforms sets up the SP805 watchdog
controller as the secure watchdog. But not all ARM platforms use SP805
as the secure watchdog controller.

So introduce two new ARM platform code specific wrapper functions to
start and stop the secure watchdog. These functions then replace the
calls to SP805 driver in common BL1 setup code. All the ARM platforms
implement these wrapper functions by either calling into SP805 driver
or the SBSA watchdog driver.

Change-Id: I1a9a11b124cf3fac2a84f22ca40acd440a441257
Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
2019-04-17 18:42:48 +05:30
Antonio Nino Diaz ff6844c3de plat/arm: Implement ARMv8.3-PAuth interfaces
This feature is only supported on FVP.

Change-Id: I4e265610211d92a84bd2773c34acfbe02a1a1826
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2019-02-27 11:58:09 +00:00
Antonio Nino Diaz bd9344f670 plat/arm: Sanitise includes
Use full include paths like it is done for common includes.

This cleanup was started in commit d40e0e08283a ("Sanitise includes
across codebase"), but it only cleaned common files and drivers. This
patch does the same to Arm platforms.

Change-Id: If982e6450bbe84dceb56d464e282bcf5d6d9ab9b
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2019-01-25 16:04:10 +00:00
Antonio Nino Diaz 8855e52ec5 SPM: Rename SPM_DEPRECATED flag to SPM_MM
The SPM implementation based on MM is going to be kept for the
foreseeable future.

Change-Id: I11e96778a4f52a1aa803e7e048d9a7cb24a53954
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Acked-by: Sumit Garg <sumit.garg@linaro.org>
2019-01-22 09:20:59 +00:00
Soby Mathew d4580d17eb plat/arm: Restrict PIE support to FVP
The patch SHA 55cf015c enabled PIE support when RESET_TO_BL31=1 for
all ARM platforms. But it seems n1sdp platform doesn't work with PIE
support yet. Hence restrict the ENABLE_PIE=1 to fvp platform.

Change-Id: If44e42528e4b0b57c69084503f346576fe0748bd
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
2019-01-07 14:19:00 +00:00
Antonio Nino Diaz 500436b237 plat/arm: Remove comment that mentions LOAD_IMAGE_V2
This option was removed in v2.0.

Change-Id: I0c929fddb57d60c5eff9e45dd5ee8c636b28e6c3
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-12-19 17:07:32 +00:00
Antonio Nino Diaz 680389a65a SPM: Load image and RD from SP package
Load SP and RD from package instead of relying on RD being already
loaded in memory and the SP being loaded as a BL32 image.

Change-Id: I18d4fbf4597656c6a7e878e1d7c01a8a324f3f8a
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-12-11 13:45:41 +00:00