* changes:
board/rddaniel: intialize tzc400 controllers
plat/arm/tzc: add support to configure multiple tzc400
plat/arm: allow boards to specify second DRAM Base address
plat/arm: allow boards to define PLAT_ARM_TZC_FILTERS
MISRA C-2012 Rule 20.7:
Macro parameter expands into an expression without being wrapped by parentheses.
MISRA C-2012 Rule 12.1:
Missing explicit parentheses on sub-expression.
MISRA C-2012 Rule 18.4:
Essential type of the left hand operand is not the same as that of the right
operand.
Include does not provide any needed symbols.
Change-Id: Ie1c6451cfbc8f519146c28b2cf15c50b1f36adc8
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
* changes:
marvell: Consolidate console register calls
uniphier: Use generic console_t data structure
spe: Use generic console_t data structure
LS 16550: Use generic console_t data structure
stm32: Use generic console_t data structure
rcar: Use generic console_t data structure
a3700: Use generic console_t data structure
16550: Use generic console_t data structure
imx: Use generic console_t data structure
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location for the coreboot memory console.
This removes the base member from the coreboot specific data structure,
but keeps the struct console_cbmc_t and its size member.
Change-Id: I7f1dffd41392ba3fe5c07090aea761a42313fb5b
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I7a23327394d142af4b293ea7ccd90b843c54587c
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I07a07677153d3671ced776671e4f107824d3df16
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
*All* UART drivers in TF-A are storing their base address as a uintptr_t
pointer in the first location of the UART specific driver data.
Since the base address is a pretty natural and generic data item, we
should integrate this into the generic console_t structure.
That will not only allow to remove a lot of seemingly UART specific data
structures, but also enables to simplify runtime choices between different
UARTs, since they can share the same pointer.
This patch just adds the new member, the existing data structures will
be handled on a per-UART base in follow-up patches.
Change-Id: I59ce49471ccc8f3b870f2cfd8a72ebfd0cb14d12
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I9f8b55414ab7965e431e3e86d182eabd511f32a4
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: Iea6ca26ff4903c33f0fad27fec96fdbabd4e0a91
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I836e26ff1771abf21fd460d0ee40e90a452e9b43
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I89c3ab2ed85ab941d8b38ced48474feb4aaa8b7e
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I5c2fe3b6a667acf80c808cfec4a64059a2c9c25f
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
This patch introduces a build flag which allows the xlat tables
to be mapped in a read-only region within BL31 memory. It makes it
much harder for someone who has acquired the ability to write to
arbitrary secure memory addresses to gain control of the
translation tables.
The memory attributes of the descriptors describing the tables
themselves are changed to read-only secure data. This change
happens at the end of BL31 runtime setup. Until this point, the
tables have read-write permissions. This gives a window of
opportunity for changes to be made to the tables with the MMU on
(e.g. reclaiming init code). No changes can be made to the tables
with the MMU turned on from this point onwards. This change is also
enabled for sp_min and tspd.
To make all this possible, the base table was moved to .rodata. The
penalty we pay is that now .rodata must be aligned to the size of
the base table (512B alignment). Still, this is better than putting
the base table with the higher level tables in the xlat_table
section, as that would cost us a full 4KB page.
Changing the tables from read-write to read-only cannot be done with
the MMU on, as the break-before-make sequence would invalidate the
descriptor which resolves the level 3 page table where that very
descriptor is located. This would make the translation required for
writing the changes impossible, generating an MMU fault.
The caches are also flushed.
Signed-off-by: Petre-Ionut Tudor <petre-ionut.tudor@arm.com>
Change-Id: Ibe5de307e6dc94c67d6186139ac3973516430466
This patch modifies the delay timer driver to switch to the ARM
secure physical timer instead of using Tegra's on-chip uS timer.
The secure timer is not accessible to the NS world and so eliminates
an important attack vector, where the Tegra timer source gets switched
off from the NS world leading to a DoS attack for the trusted world.
This timer is shared with the S-EL1 layer for now, but later patches
will mark it as exclusive to the EL3 exception mode.
Change-Id: I2c00f8cb4c48b25578971c626c314603906ad7cc
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
This patch moves the MHZ_TICKS_PER_SEC macro to utils_def.h
for other platforms to use.
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Change-Id: I6c4dc733f548d73cfdb3515ec9ad89a9efaf4407
The CPUACTLR_EL1 register on Cortex-A57 CPUs supports a bit to enable
non-cacheable streaming enhancement. Platforms can set this bit only
if their memory system meets the requirement that cache line fill
requests from the Cortex-A57 processor are atomic.
This patch adds support to enable higher performance non-cacheable load
forwarding for such platforms. Platforms must enable this support by
setting the 'A57_ENABLE_NONCACHEABLE_LOAD_FWD' flag from their
makefiles. This flag is disabled by default.
Change-Id: Ib27e55dd68d11a50962c0bbc5b89072208b4bac5
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Removed duplicate error code present for SMCCC and used
proper error code for "SMCCC_ARCH_WORKAROUND_2" call.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I76fc7c88095f78a7e2c3d205838f8eaf3132ed5c
For platforms that have two or more TZC400 controllers instantiated,
allow the TZC400 driver to be usable with all those instances.
This is achieved by allowing 'arm_tzc400_setup' function to accept
the base address of the TZC400 controller.
Change-Id: I4add470e6ddb58432cd066145e644112400ab924
Signed-off-by: Suyash Pathak <suyash.pathak@arm.com>
The base address for second DRAM varies across different platforms.
So allow platforms to define second DRAM by moving Juno/SGM-775 specific
definition of second DRAM base address to Juno/SGM-775 board definition
respectively, SGI/RD specific definition of DRAM 2 base address to SGI
board definition.
Change-Id: I0ecd3a2bd600b6c7019c7f06f8c452952bd07cae
Signed-off-by: Suyash Pathak <suyash.pathak@arm.com>
A TZC400 can have upto 4 filters and the number of filters instantiated
within a TZC400 is platform dependent. So allow platforms to define the
value of PLAT_ARM_TZC_FILTERS by moving the existing Juno specific
definition of PLAT_ARM_TZC_FILTERS to Juno board definitions.
Change-Id: I67a63d7336595bbfdce3163f9a9473e15e266f40
Signed-off-by: Suyash Pathak <suyash.pathak@arm.com>
Fixes for the following MISRA violations:
- Missing explicit parentheses on sub-expression
- An identifier or macro name beginning with an
underscore, shall not be declared
- Type mismatch in BL1 SMC handlers and tspd_main.c
Change-Id: I7a92abf260da95acb0846b27c2997b59b059efc4
Signed-off-by: Zelalem <zelalem.aweke@arm.com>
* changes:
SPMD: enable SPM dispatcher support
SPMD: hook SPMD into standard services framework
SPMD: add SPM dispatcher based upon SPCI Beta 0 spec
SPMD: add support to run BL32 in TDRAM and BL31 in secure DRAM on Arm FVP
SPMD: add support for an example SPM core manifest
SPMD: add SPCI Beta 0 specification header file
This patch adds a rudimentary SPM dispatcher component in EL3.
It does the following:
- Consumes the TOS_FW_CONFIG to determine properties of the SPM core
component
- Initialises the SPM core component which resides in the BL32 image
- Implements a handler for SPCI calls from either security state. Some
basic validation is done for each call but in most cases it is simply
forwarded as-is to the "other" security state.
Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Change-Id: I7d116814557f7255f4f4ebb797d1619d4fbab590
This patch reserves and maps the Trusted DRAM for SPM core execution.
It also configures the TrustZone address space controller to run BL31
in secure DRAM.
Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Change-Id: I7e1bb3bbc61a0fec6a9cb595964ff553620c21dc
This patch repurposes the TOS FW configuration file as the manifest for
the SPM core component which will reside at the secure EL adjacent to
EL3. The SPM dispatcher component will use the manifest to determine how
the core component must be initialised. Routines and data structure to
parse the manifest have also been added.
Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Change-Id: Id94f8ece43b4e05609f0a1d364708a912f6203cb
Currently sptool generates a single blob containing all the Secure
Partitions, with latest SPM implementation, it is desirable to have
individual blobs for each Secure Partition. It allows to leverage
packaging and parsing of SP on existing FIP framework. It also allows
SP packages coming from different sources.
This patch modifies sptool so that it takes number of SP payload pairs
as input and generates number of SP blobs instead of a single blob.
Each SP blob can optionally have its own header containing offsets and
sizes of different payloads along with a SP magic number and version.
It is also associated in FIP with a UUID, provided by SP owner.
Usage example:
sptool -i sp1.bin:sp1.dtb -o sp1.pkg -i sp2.bin:sp2.dtb -o sp2.pkg ...
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ie2db8e601fa1d4182d0a1d22e78e9533dce231bc
At the moment, address demangling is only used by the backtrace
functionality. However, at some point, other parts of the TF-A
codebase may want to use it.
The 'demangle_address' function is replaced with a single XPACI
instruction which is also added in 'do_crash_reporting()'.
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Change-Id: I4424dcd54d5bf0a5f9b2a0a84c4e565eec7329ec
On systems that have multiple platform components that can interpret the
SCMI messages, there is a need to support multiple SCMI channels (one
each to those platform components). Extend the existing SCMI interface
that currently supports only a single SCMI channel to support multiple
SCMI channels.
Change-Id: Ice4062475b903aef3b5e5bc37df364c9778a62c5
Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
In order to allow the MHUv2 driver to be usable with multiple MHUv2
controllers, use the base address of the controller from the platform
information instead of the MHUV2_BASE_ADDR macro.
Change-Id: I4dbab87b929fb0568935e6c8b339ce67937f8cd1
Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
Multi-chip platforms have two or more identical chips connected using a
high speed coherent link. In order to identify such platforms,
add chip_id and multi_chip_mode information in the platform variant
info structure. The values of these two new elements is populated
during boot.
Change-Id: Ie6e89cb33b3f0f408814f6239cd06647053e23ed
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Currently, an IO setup failure will be ignored on arm platform release
build. Change this to panic instead.
Change-Id: I027a045bce2422b0a0fc4ff9e9d4c6e7bf5d2f98
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Change the return type of "arm_io_is_toc_valid()" and
"plat_arm_bl1_fwu_needed()" to bool, to match function behavior.
Change-Id: I503fba211219a241cb263149ef36ca14e3362a1c
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Use the firmware configuration framework to store the io_policies
information inside the configuration device tree instead of the static
structure in the code base.
The io_policies required by BL1 can't be inside the dtb, as this one is
loaded by BL1, and only available at BL2.
This change currently only applies to FVP platform.
Change-Id: Ic9c1ac3931a4a136aa36f7f58f66d3764c1bfca1
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Use the firmware configuration framework in arm dynamic configuration
to retrieve mbedtls heap information between bl1 and bl2.
For this, a new fconf getter is added to expose the device tree base
address and size.
Change-Id: Ifa5ac9366ae100e2cdd1f4c8e85fc591b170f4b6
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Use fconf to retrieve the `disable_authentication` property.
Move this access from arm dynamic configuration to bl common.
Change-Id: Ibf184a5c6245d04839222f5457cf5e651f252b86
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Manish Pandey
Sandrine Bailleux
Louis Mayencourt
Mark Dykes
Andre Przywara
Petre-Ionut Tudor
joanna.farley
Varun Wadekar
Manish V Badarkhe
Suyash Pathak
Zelalem
Jimmy Brisson
Olivier Deprez
Achin Gupta
Alexei Fedorov
Aditya Angadi
Vijayenthiran Subramaniam