Some SoCs integrate a GIC in version 1 that is currently not supported
by the trusted firmware. This change hijacks GICv2 driver to handle the
GICv1 as GICv1 is compatible enough with GICv2 as far as the platform
does not attempt to play with virtualization support or some GICv2
specific power features.
Note that current trusted firmware does not use these GICv2 features
that are not available in GICv1 Security Extension.
Change-Id: Ic2cb3055f1319a83455571d6d918661da583f179
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
The GIC driver initialization currently allows an array of interrupts to
be configured as secure. Future use cases would require more interrupt
configuration other than just security, such as priority.
This patch introduces a new interrupt property array as part of both
GICv2 and GICv3 driver data. The platform can populate the array with
interrupt numbers and respective properties. The corresponding driver
initialization iterates through the array, and applies interrupt
configuration as required.
This capability, and the current way of supplying array (or arrays, in
case of GICv3) of secure interrupts, are however mutually exclusive.
Henceforth, the platform should supply either:
- A list of interrupts to be mapped as secure (the current way).
Platforms that do this will continue working as they were. With this
patch, this scheme is deprecated.
- A list of interrupt properties (properties include interrupt group).
Individual interrupt properties are specified via. descriptors of
type 'interrupt_prop_desc_t', which can be populated with the macro
INTR_PROP_DESC().
A run time assert checks that the platform doesn't specify both.
Henceforth the old scheme of providing list of secure interrupts is
deprecated. When built with ERROR_DEPRECATED=1, GIC drivers will require
that the interrupt properties are supplied instead of an array of secure
interrupts.
Add a section to firmware design about configuring secure interrupts.
FixesARM-software/tf-issues#262
Change-Id: I8eec29e72eb69dbb6bce77879febf32c95376942
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
The helpers perform read-modify-write on GIC*_ICFGR registers, but don't
serialise callers. Any serialisation must be taken care of by the
callers.
Change-Id: I71995f82ff2c7f70d37af0ede30d6ee18682fd3f
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
SPIs can be routed to either a specific PE, or to any one of all
available PEs.
API documentation updated.
Change-Id: I28675f634568aaf4ea1aa8aa7ebf25b419a963ed
Co-authored-by: Yousuf A <yousuf.sait@arm.com>
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
The back end GIC driver converts and assigns the interrupt type to
suitable group.
For GICv2, a build option GICV2_G0_FOR_EL3 is introduced, which
determines to which type Group 0 interrupts maps to.
- When the build option is set 0 (the default), Group 0 interrupts are
meant for Secure EL1. This is presently the case.
- Otherwise, Group 0 interrupts are meant for EL3. This means the SPD
will have to synchronously hand over the interrupt to Secure EL1.
The query API allows the platform to query whether the platform supports
interrupts of a given type.
API documentation updated.
Change-Id: I60fdb4053ffe0bd006b3b20914914ebd311fc858
Co-authored-by: Yousuf A <yousuf.sait@arm.com>
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
The PE target mask is used to translate linear PE index (returned by
platform core position) to a bit mask used when targeting interrupts to
a PE, viz. when raising SGIs and routing SPIs.
The platform shall:
- Populate the driver data with a pointer to array that's to contain
per-PE target masks.
- Invoke the new driver API 'gicv2_set_pe_target_mask()' during
per-CPU initialization so that the driver populates the target mask
for that CPU.
Platforms that don't intend to target interrupts or raise SGIs need not
populate this.
Change-Id: Ic0db54da86915e9dccd82fff51479bc3c1fdc968
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Document the API in separate platform interrupt controller API document.
Change-Id: If18f208e10a8a243f5c59d226fcf48e985941949
Co-authored-by: Yousuf A <yousuf.sait@arm.com>
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
This patch fixes an assertion check in the GICv3 ITS helper function.
Change-Id: I75f50d7bf6d87c12c6e24a07c9a9889e5facf4a5
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
This patch adds functions to save and restore GICv3 ITS registers during
system suspend. Please note that the power management of GIC ITS is
implementation defined. These functions only implements the
architectural part of the ITS power management and they do not restore
memory structures or register content required to support ITS. Even if
the ITS implementation stores structures in memory, an implementation
defined power down sequence is likely to be required to flush some
internal ITS caches to memory. If such implementation defined sequence
is not followed, the platform must ensure that the ITS is not power
gated during system suspend.
Change-Id: I5f31e5541975aa7dcaab69b0b7f67583c0e27678
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
During system suspend, the GICv3 Distributor and Redistributor context
can be lost due to power gating of the system power domain. This means
that the GICv3 context needs to be saved prior to system suspend and
restored on wakeup. Currently the consensus is that the Firmware should
be in charge of this. See tf-issues#464 for more details.
This patch introduces helper APIs in the GICv3 driver to save and
restore the Distributor and Redistributor contexts. The GICv3 ITS
context is not considered in this patch because the specification says
that the details of ITS power management is implementation-defined.
These APIs are expected to be appropriately invoked by the platform
layer during system suspend.
FixesARM-software/tf-issues#464
Change-Id: Iebb9c6770ab8c4d522546f161fa402d2fe02ec00
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
Tidy up the code a bit by turning some macros into inline functions
which allows to remove the do/while(0) idiom and backslashes at the end
of the line.
Change-Id: Ie41a4ea4a4da507f7b925247b53e85019101d717
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
Reindent the file using tabs as the mix of spaces and tabs confuses some
editors and leads them to use spaces instead of tabs for new code
although the coding style mandates tabs.
Change-Id: I87fa4a5d368a048340054b9b3622325f3f7befba
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
Add new option rsa+ecdsa for TF_MBEDTLS_KEY_ALG, which selects
rsa or ecdsa depending on the certificate used.
Change-Id: I08d9e99bdbba361ed2ec5624248dc382c750ad47
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
The type `unsigned long` is 32 bit wide in AArch32, but 64 bit wide in
AArch64. This is inconsistent and that's why we avoid using it as per
the Coding Guidelines. This patch changes all `UL` occurrences to `U`
or `ULL` depending on the context so that the size of the constant is
clear.
This problem affected the macro `BIT(nr)`. As long as this macro is used
to fill fields of registers, that's not a problem, since all registers
are 32 bit wide in AArch32 and 64 bit wide in AArch64. However, if the
macro is used to fill the fields of a 64-bit integer, it won't be able
to set the upper 32 bits in AArch32.
By changing the type of this macro to `unsigned long long` the behaviour
is always the same regardless of the architecture, as this type is
64-bit wide in both cases.
Some Tegra platform files have been modified by this patch.
Change-Id: I918264c03e7d691a931f0d1018df25a2796cc221
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
This patch enables choice of RSA version at run time to be used for
generating signatures by the cert_tool. The RSA PSS as defined in
PKCS#1 v2.1 becomes the default version and this patch enables to specify
the RSA PKCS#1 v1.5 algorithm to `cert_create` through the command line
-a option. Also, the build option `KEY_ALG` can be used to pass this
option from the build system. Please note that RSA PSS is mandated
by Trusted Board Boot requirements (TBBR) and legacy RSA support is
being added for compatibility reasons.
FixesARM-Software/tf-issues#499
Change-Id: Ifaa3f2f7c9b43f3d7b3effe2cde76bf6745a5d73
Co-Authored-By: Eleanor Bonnici <Eleanor.bonnici@arm.com>
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
The `KEY_ALG` variable is used to select the algorithm for key
generation by `cert_create` tool for signing the certificates. This
variable was previously undocumented and did not have a global default
value. This patch corrects this and also adds changes to derive the
value of `TF_MBEDTLS_KEY_ALG` based on `KEY_ALG` if it not set by the
platform. The corresponding assignment of these variables are also now
removed from the `arm_common.mk` makefile.
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Change-Id: I78e2d6f4fc04ed5ad35ce2266118afb63127a5a4
Since Trusted OS firmware may have extra images, need to
assign new uuid and image id for them.
The TBBR chain of trust has been extended to add support
for the new images within the existing Trusted OS firmware
content certificate.
Change-Id: I678dac7ba1137e85c5779b05e0c4331134c10e06
Signed-off-by: Summer Qin <summer.qin@arm.com>
The driver has only one API: to initialize an SMMUv3 device. This
operates on a device that implements secure state, by invalidating
secure caches and TLBs.
Change-Id: Ief32800419ddf0f1fe38c8f0da8f5ba75c72c826
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
The current build system and driver requires the CCI product to be
specified at build time. The device constraints can be determined at run
time from its ID registers, obviating the need for specifying them
ahead.
This patch adds changes to identify and validate CCI at run time. Some
global variables are renamed to be in line with the rest of the code
base.
The build option ARM_CCI_PRODUCT_ID is now removed, and user guide is
updated.
Change-Id: Ibb765e349d3bc95ff3eb9a64bde1207ab710a93d
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
This fix modifies the order of system includes to meet the ARM TF coding
standard. There are some exceptions in order to retain header groupings,
minimise changes to imported headers, and where there are headers within
the #if and #ifndef statements.
Change-Id: I65085a142ba6a83792b26efb47df1329153f1624
Signed-off-by: Isla Mitchell <isla.mitchell@arm.com>
This patch implements the basic lifecycle state check when CryptoCell
SBROM is initialized. Currently the check ensures that if the lifecycle
state is Security Disabled (SD), the boot process does not proceed
further.
Change-Id: I5101335453cd3ea413e97bcfb9138a96c05e1aea
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
This patch adds a crypto driver which utilizes the ARM® TrustZone®
CryptoCell-712 to verify signature and hash during Trusted Board Boot. Along
with this driver, the CryptoCell SBROM library is required to successfully
build the BL image. The path to this library is specified via
the `CCSBROM_LIB_PATH` variable. Please note that, mbedTLS is still required
to do the X509 certificate ASN.1 parsing and CryptoCell is only utilized for
signature and hash verification.
Change-Id: If82dfbae0d7772ba1c64839f0b27850c103fe253
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
This change avoids warning about type conversion.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Use NULL instead of 0 where required.
Include headers to have the prototype of the functions.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
If `MBEDTLS_PLATFORM_SNPRINTF_ALT` isn't used, the function
`mbedtls_platform_set_snprintf()` isn't defined.
In case a platform uses a different mbed TLS configuration file than
the one provided by the Trusted Firmware, and it doesn't define the
mentioned build option, this will result in a build error.
This patch modifies the initialization code so that
`mbedtls_platform_set_snprintf()` is only used if
`MBEDTLS_PLATFORM_SNPRINTF_ALT` is defined, allowing platforms to use
it or not depending on their needs.
Change-Id: I1d5c86d57e9b2871ba463030bf89210ebec5178e
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
This patch adds support for RSASSA-PSS Signature Algorithm for
X509 certificates in mbedtls crypto driver. Now the driver supports
RSA PKCS2_1 standard as mandated by TBBR.
NOTE: With this patch, the PKCS1_5 standard compliant RSA signature
is deprecated.
Change-Id: I9cf6d073370b710cc36a7b374a55ec96c0496461
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
The mbedTLS library requires larger heap memory for verification of RSASSA-PSS
signature in certificates during Trusted Board Boot. This patch increases the
heap memory for the same.
Change-Id: I3c3123d7142b7b7b01463516ec436734895da159
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
ARM GIC-600 IP complies with ARM GICv3 architecture, but among others,
implements a power control register in the Redistributor frame. This
register must be programmed to mark the frame as powered on, before
accessing other registers in the frame. Rest of initialization sequence
remains the same.
The driver provides APIs for Redistributor power management, and
overrides those in the generic GICv3 driver. The driver data is shared
between generic GICv3 driver and that of GIC-600.
For FVP platform, the GIC-600 driver is chosen when FVP_USE_GIC_DRIVER
is set to FVP_GIC600. Also update user guide.
Change-Id: I321b2360728d69f6d4b0a747b2cfcc3fe5a20d67
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
mbed TLS provides the debug API `mbedtls_memory_buffer_alloc_status()`
to analyse the RAM usage of the library.
When RSA is selected as algorithm, the maximum heap usage in FVP and
Juno has been determined empirically to be approximately 5.5 KiB.
However, The default heap size used when RSA is selected is 8 KiB.
This patch reduces the buffer from 8 KiB to 6 KiB so that the BSS
sections of both BL1 and BL2 are 2 KiB smaller when the firmware is
compiled with TBB support.
Change-Id: I43878a4e7af50c97be9c8d027c728c8483f24fbf
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
If UFS device is initialized, we could just make it out of
hibernation by UFS_FLAGS_SKIPINIT. And vendor's dirver is always
focus on PHY setting. We could use UFS driver directly if it
exits from hibernation.
There're eight LUNs in UFS device. The UFS driver only provides
the read/write API with LUN. User could define his own read/write
since user may want to access different LUNs.
Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
The Trusted Firmware uses a subset of the APIs provided by mbed TLS.
This subset internally uses `snprintf`, but the only format specifier
used is '%d', which is supported by `tf_snprintf`.
This patch makes mbed TLS use `tf_snprintf` instead of `snprintf`,
saving 3 KB in both debug and release builds when TBBR is enabled.
Change-Id: I7f992a21015930d7c0f4660e7a28ceefd60b9597
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Platforms aligned with TBBR are supposed to use their own OIDs, but
defining the same macros with different OIDs does not provide any
value (at least technically).
For easier use of TBBR, this commit allows platforms to reuse the OIDs
obtained by ARM Ltd. This will be useful for non-ARM vendors that
do not need their own extension fields in their certificate files.
The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h
Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by
defining USE_TBBR_DEFS as 1. USE_TBBR_DEFS is 0 by default to keep the
backward compatibility.
For clarification, I inserted a blank line between headers from the
include/ directory (#include <...>) and ones from a local directory
(#include "..." ).
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
This patch renames MBEDTLS_KEY_ALG to TF_MBEDTLS_KEY_ALG. This
completes the migration of TF specific macros so that they do not
have the MBEDTLS_ suffix (see arm-trusted-firmware#874).
Change-Id: Iad7632477e220b0af987c4db3cf52229fb127d00
Signed-off-by: David Cunado <david.cunado@arm.com>
An earlier patch (arm-trusted-firmware#874) migrated MBEDTLS_ suffixed
macros to have a TBBR_ suffix to avoid any potential clash with future
mbedtls macros.
But on reflection the TBBR_ suffix could be confusing as the macros
are used to drive TF-specific configuration of mbedtls. As such
this patch migrates these macros from TBBR_suffix to TF_MBEDTLS_
suffix which more accurately conveys their use.
Change-Id: Ic87642b653ceeaa03d62f724976abd5e12e867d4
Signed-off-by: David Cunado <david.cunado@arm.com>
To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.
NOTE: Files that have been imported by FreeBSD have not been modified.
[0]: https://spdx.org/
Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
This patch removes the code that touched UART_FCR, from
console_core_putc(). The check for whether transmit FIFO is
full is sufficient before writing to UART TX FIFO. In fact
setting UARTFCR_TXCLR immediately after a byte is written to
FIFO might even result in loss of that byte, if UART hasn't
sent that byte out yet.
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Many asserts depend on code that is conditionally compiled based on the
DEBUG define. This patch modifies the conditional inclusion of such code
so that it is based on the ENABLE_ASSERTIONS build option.
Change-Id: I6406674788aa7e1ad7c23d86ce94482ad3c382bd
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
C files shouldn't be included into others. This file only contains some
macros and functions that can be made `static inline`, so it is ok to
convert it into a header file.
This is the only occurrence of a C file being included in another one in
the codebase instead of using a header, other occurrences are a way of
achieving backwards-compatibility.
Functions therein have been qualified as `inline`.
Change-Id: I88fe300f6d85a7f0740ef14c9cb8fa54849218e6
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
The amount of console output is controlled by the LOG_LEVEL build
option. Using tf_printf without any #ifdef depending on the LOG_LEVEL
doesn't give the user that flexibility.
This patch replaces all occurrences of tf_printf that prints error, but
aren't dependent on LOG_LEVEL, with the ERROR macro.
Change-Id: Ib5147f14fc1579398a11f19ddd0e840ff6692831
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
It is needed to add placeholders for this function because, as this is
not a `plat_xxx()` function, there aren't weak definitions of it in any
file.
If `console_flush()` is used and there isn't an implementation of
`console_core_flush()` in any file, the compilation will fail.
Change-Id: I50eb56d085c4c9fbc85d40c343e86af6412f3020
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
This function ensures that console output is flushed, for example
before shutting down or use by another component
In line with other console APIs, console_flush() wraps
console_core_flush().
Also implement console_core_flush() for PL011.
Change-Id: I3db365065e4de04a454a5c2ce21be335a23a01e4
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
These macros are not part of mbed TLS so they should not be prefixed
with `MBEDTLS_` to avoid potential collision in the future. Use the
`TBBR_` suffix to highlight that they only used in TF.
`MBEDTLS_KEY_ALG` was not modified because that is documented and used
by platforms to select the key algorithm.
Change-Id: Ief224681715c481691c80810501830ce16e210b0
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
Due to incorrect conditional compilation checks, bakery locks were
excluded from the CCN driver and the power controller driver for FVP
when BL32 was built as the EL3 Runtime Software in AArch32 mode.
This patch corrects the same.
Change-Id: Ib1f163d9167a5c38e4d622232c4835cad9c235aa
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
The GIC driver data is initialized by the primary CPU with caches
enabled. When the secondary CPU boots up, it initializes the
GICC/GICR interface with the caches disabled and there is a chance that
the driver data is not yet written back to the memory. This patch fixes
this problem by flushing the driver data after they have been
initialized.
Change-Id: Ie9477029683846209593ff005d2bac559bb8f5e6
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Static checks flag an assert added in commit 1f786b0 that compares
unsigned value to 0, which will never fail.
Change-Id: I4b02031c2cfbd9a25255d12156919dda7d4805a0
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
This reverts commit b621fb503c.
Because of the Trusted Firmware design, timing-safe functions are not
needed. Using them may be misleading as it could be interpreted as being
a protection against private data leakage, which isn't the case here.
For each image, the SHA-256 hash is calculated. Some padding is appended
and the result is encrypted with a private key using RSA-2048. This is
the signature of the image. The public key is stored along with BL1 in
read-only memory and the encrypted hash is stored in the FIP.
When authenticating an image, the TF decrypts the hash stored in the FIP
and recalculates the hash of the image. If they don't match, the boot
sequence won't continue.
A constant-time comparison does not provide additional security as all
the data involved in this process is already known to any attacker.
There is no private data that can leaked through a timing attack when
authenticating an image.
`timingsafe_bcmp()` is kept in the codebase because it could be useful
in the future.
Change-Id: I44bdcd58faa586a050cc89447e38c142508c9888
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
cppcheck highlighted variables that were initialized but then later
reassigned.
Change-Id: Ie12742c01fd3bf48b2d6c05a3b448da91d57a2e4
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
The memmap IO driver doesn't perform bounds check when reading, writing,
or seeking. The onus to vet parameters is on the caller, and this patch
asserts that:
- non-negative size is specified for for backing memory;
- valid parameters are passed into the driver for read, write and seek
operations.
Change-Id: I6518c4065817e640e9e7e39a8a4577655f2680f7
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Replace all use of memset by zeromem when zeroing moderately-sized
structure by applying the following transformation:
memset(x, 0, sizeof(x)) => zeromem(x, sizeof(x))
As the Trusted Firmware is compiled with -ffreestanding, it forbids the
compiler from using __builtin_memset and forces it to generate calls to
the slow memset implementation. Zeromem is a near drop in replacement
for this use case, with a more efficient implementation on both AArch32
and AArch64.
Change-Id: Ia7f3a90e888b96d056881be09f0b4d65b41aa79e
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
To avoid timing side-channel attacks, it is needed to use a constant
time memory comparison function when comparing hashes. The affected
code only cheks for equality so it isn't needed to use any variant of
memcmp(), bcmp() is enough.
Also, timingsafe_bcmp() is as fast as memcmp() when the two compared
regions are equal, so this change incurrs no performance hit in said
case. In case they are unequal, the boot sequence wouldn't continue as
normal, so performance is not an issue.
Change-Id: I1c7c70ddfa4438e6031c8814411fef79fd3bb4df
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
One nasty part of ATF is some of boolean macros are always defined
as 1 or 0, and the rest of them are only defined under certain
conditions.
For the former group, "#if FOO" or "#if !FOO" must be used because
"#ifdef FOO" is always true. (Options passed by $(call add_define,)
are the cases.)
For the latter, "#ifdef FOO" or "#ifndef FOO" should be used because
checking the value of an undefined macro is strange.
Here, IMAGE_BL* is handled by make_helpers/build_macro.mk like
follows:
$(eval IMAGE := IMAGE_BL$(call uppercase,$(3)))
$(OBJ): $(2)
@echo " CC $$<"
$$(Q)$$(CC) $$(TF_CFLAGS) $$(CFLAGS) -D$(IMAGE) -c $$< -o $$@
This means, IMAGE_BL* is defined when building the corresponding
image, but *undefined* for the other images.
So, IMAGE_BL* belongs to the latter group where we should use #ifdef
or #ifndef.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
In mbedtls_x509_parser.c there are some static arrays that are filled
during the integrity check and then read whenever an authentication
parameter is requested. However, they aren't cleared in case of an
integrity check failure, which can be problematic from a security
point of view. This patch clears these arrays in the case of failure.
Change-Id: I9d48f5bc71fa13e5a75d6c45b5e34796ef13aaa2
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
We are duplicating this macro define, and it is useful enough
to be placed in the common place.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
tbz check for RDR status is to check for a bit being zero.
Unfortunately, we are using a mask rather than the bit position.
Further as per http://www.ti.com/lit/ds/symlink/pc16550d.pdf (page 17),
LSR register bit 0 is Data ready status (RDR), not bit position 2.
Update the same to match the specification.
Reported-by: Sekhar Nori <nsekhar@ti.com>
Signed-off-by: Nishanth Menon <nm@ti.com>
This comment block says the default algorithm is ESDSA, while the
code obviously sets the default to RSA:
ifeq (${MBEDTLS_KEY_ALG},)
MBEDTLS_KEY_ALG := rsa
endif
The git log of commit 7d37aa1711 ("TBB: add mbedTLS authentication
related libraries") states available options are:
* 'rsa' (for RSA-2048) (default option)
* 'ecdsa' (for ECDSA-SECP256R1)
So, my best guess is the comment block is wrong.
The mismatch between the code and the comment is confusing. Fix it.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
The previous code required that a certificate be signed with the ROT
key before the platform's NV counter could be updated with the value
in the certificate. This implies that the Non-Trusted NV counter was
not being updated for Non-Trusted content certificates, as they cannot
be signed with the ROT key in the TBBR CoT scheme.
The code is reworked to only allow updating the platform's Trusted NV
counter when a certificate protected by the Trusted NV counter is
signed with the ROT key.
Content certificates protected by the Non-Trusted NV counter are
allowed to update the platform's Non-Trusted NV counter, assuming
that the certificate value is higher than the platform's value.
A new optional platform API has been introduced, named
plat_set_nv_ctr2(). Platforms may choose to implement it and perform
additional checks based on the authentication image descriptor before
modifying the NV counters. A default weak implementation is available
that just calls into plat_set_nv_ctr().
FixesARM-software/tf-issues#426
Change-Id: I4fc978fd28a3007bc0cef972ff1f69ad0413b79c
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
Some GICv3 implementations have provision for power management
operations at Redistributor level. This patch introduces and provides
place-holders for Redistributor power management. The default
implementations are empty stubs, but are weakly bound so as to enable
implementation-specific drivers to override them.
Change-Id: I4fec1358693d3603ca5dce242a2f7f0e730516d8
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
This patch makes following miscellaneous fixes:
* pl011_console.S: Fixed the bit mask used to check if the
transmit FIFO is full or empty.
* smcc_macros.S: Added `_fsxc` suffix while updating the SPSR.
By default the assembler assumes `_fc` suffix which does not
update all the fields in SPSR. By adding `_fsxc` suffix all
the fields gets updated.
* platform_helpers.S: Removed the weak definition for
`plat_my_core_pos()` as this is a mandatory function which
needs to be defined by all platforms.
Change-Id: I8302292533c943686fff8d7c749a07132c052a3b
Signed-off-by: Yatharth Kochar <yatharth.kochar@arm.com>
Currently the GICv3 driver mandates that platform populate
both G1S and G0 interrupts. However, it is possible that a
given platform is not interested in both the groups and
just needs to specify either one of them.
This patch modifies the `gicv3_rdistif_init()` & `gicv3_distif_init()`
functions to allow either G1S or G0 interrupts to be configured.
FixesARM-software/tf-issues#400
Change-Id: I43572b0e08ae30bed5af9334f25d35bf439b0d2b
Support CMD23. When CMD23 is used, CMD12 could be avoided.
Two scenarios:
1. CMD17 for single block, CMD18 + CMD12 for multiple blocks.
2. CMD23 + CMD18 for both single block and multiple blocks.
The emmc_init() should initialize whether CMD23 is supported
or not.
Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
As per the GICv3 specification, to power down a processor using GICv3
and allow automatic power-on if an interrupt must be sent to a processor,
software must set Enable to zero for all interrupt groups(by writing to
GICC_CTLR or ICC_IGRPEN{0,1}_EL1/3 as appropriate.
Also, NonSecure EL1 software may not be aware of the CPU power state
details and fail to choose right states that require quiescing the CPU
interface. So it's preferred that the PSCI implementation handles it as
it is fully aware of the CPU power states.
This patch adds disabling of Group1 NonSecure interrupts during processor
power down along with Group0 and Group1 Secure interrupts so that all the
interrupt groups are handled at once as per specification.
Change-Id: Ib564d773c9c4c41f2ca9471451c030e3de75e641
This patch modifies GICv3 and TZC drivers to add AArch32 support.
No modifications are required for the GICv2 driver for AArch32 support.
The TZC driver assumes that the secure world is running in Little-Endian
mode to do 64 bit manipulations. Assertions are present to validate the
assumption.
Note: The legacy GICv3 driver is not supported for AArch32.
Change-Id: Id1bc75a9f5dafb9715c9500ca77b4606eb1e2458
This patch moves the various assembly console drivers
into `aarch64` architecture specific folder. Stub files,
which include files from new location, are retained at the
original location for platform compatibility reasons.
Change-Id: I0069b6c1c0489ca47f5204d4e26e3bc3def533a8
If buffer address parameter isn't aligned, it may cause
DMA issue in block device driver, as eMMC. Now check the buffer
address. If it's not aligned, use temporary buffer in io block
driver instead.
Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
This patch fixes the offset of GICD_IROUTER register defined in gicv3.h.
Although the GICv3 documention mentions that the offset for this register
is 0x6100-0x7FD8, the offset calculation for an interrupt id `n` is :
0x6000 + 8n, where n >= 32
This requires the offset for GICD_IROUTER to be defined as 0x6000.
FixesARM-software/tf-issues#410
Change-Id: If9e91e30d946afe7f1f60fea4f065c7567093fa8
This patch reworks type usage in generic code, drivers and ARM platform files
to make it more portable. The major changes done with respect to
type usage are as listed below:
* Use uintptr_t for storing address instead of uint64_t or unsigned long.
* Review usage of unsigned long as it can no longer be assumed to be 64 bit.
* Use u_register_t for register values whose width varies depending on
whether AArch64 or AArch32.
* Use generic C types where-ever possible.
In addition to the above changes, this patch also modifies format specifiers
in print invocations so that they are AArch64/AArch32 agnostic. Only files
related to upcoming feature development have been reworked.
Change-Id: I9f8c78347c5a52ba7027ff389791f1dad63ee5f8
The legacy GIC driver assumes that the SGIs and PPIs are Group0 during
initialization. This is true if the driver is the first one to initialize
the GIC hardware after reset. But in some cases, earlier BL stages could
have already initialized the GIC hardware which means that SGI and PPI
configuration are not the expected reset values causing assertion failure
in `gicd_set_ipriorityr()`. This patch explicitly resets the SGI and PPI
to Group0 prior to their initialization in the driver. The same patch is
not done in the GICv2-only driver because unlike in the legacy driver,
`gicd_set_ipriorityr()` of GICv2 driver doesn't enforce this policy and
the appropriate group is set irrespective of the initial value.
FixesARM-software/tf-issues#396
Change-Id: I521d35caa37470ce542c796c2ba99716e4763105
A production ROM with TBB enabled must have the ability to boot test software
before a real ROTPK is deployed (e.g. manufacturing mode). Previously the
function plat_get_rotpk_info() must return a valid ROTPK for TBB to succeed.
This patch adds an additional bit `ROTPK_NOT_DEPLOYED` in the output `flags`
parameter from plat_get_rotpk_info(). If this bit is set, then the ROTPK
in certificate is used without verifying against the platform value.
FixesARM-software/tf-issues#381
Change-Id: Icbbffab6bff8ed76b72431ee21337f550d8fdbbb
On some platform gpio can set/get pull status when input, add these
function so we can set/get gpio pull status when need it. And they are
optional function.
This patch adds the API `ccn_get_part0_id` to query the PART0 ID from the
PERIPHERAL_ID 0 register in the CCN driver. This ID allows to distinguish
the variant of CCN present on the system and possibly enable dynamic
configuration of the IP based on the variant. Also added an assert in
`ccn_master_to_rn_id_map()` to ensure that the master map bitfield provided
by the platform is within the expected interface id.
Change-Id: I92d2db7bd93a9be8a7fbe72a522cbcba0aba2d0e
Add delay timer implementation based on the system generic counter.
This either uses the platform's implementation of
`plat_get_syscnt_freq()` or explicit clock multiplier/divider values
provided by the platform.
The current implementation of udelay has been modified to avoid
unnecessary calculations while waiting on the loop and to make it
easier to check for overflows.
Change-Id: I9062e1d506dc2f68367fd9289250b93444721732
Allow to handle cases where some images are pre-loaded (by debugger for
instance) without introducing many switches in files calling load_* functions.
Fixes: arm-software/tf-issues#398
Signed-off-by: Gerald Lejeune <gerald.lejeune@st.com>
In a lot of embedded platforms, eMMC device is the only one storage
device. So loading content from eMMC device is required in ATF.
Create the emmc stack that could co-work with IO block driver.
Support to read/write/erase eMMC blocks on both rpmb and normal
user area. Support to change the IO speed and bus width.
Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
FIP is accessed as memory-mapped type. eMMC is block device type.
In order to support FIP based on eMMC, add the new io_block layer.
io_block always access eMMC device as block size. And it'll only
copy the required data into buffer in io_block driver. So preparing
an temporary buffer is required.
When use io_block device, MAX_IO_BLOCK_DEVICES should be declared
in platform_def.h. It's used to support multiple block devices.
Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
Currently the `tzc400_configure_region` and `tzc_dmc500_configure_region`
functions uses uintptr_t as the data type for `region_top` and `region_base`
variables, which will be converted to 32/64 bits for AArch32/AArch64
respectively. But the expectation is to keep these addresses at least 64 bit.
This patch modifies the data types to make it at least 64 bit by using
unsigned long long instead of uintptr_t for the `region_top` and
`region_base` variables. It also modifies the associated macros
`_tzc##fn_name##_write_region_xxx` accordingly.
Change-Id: I4e3c6a8a39ad04205cf0f3bda336c3970b15a28b
The ARM CoreLink DMC-500 Dynamic Memory Controller provides the
programmable address region control of a TrustZone Address Space
Controller. The access permissions can be defined for eight
separate address regions plus a background or default region.
This patch adds a DMC-500 driver to define address regions and
program their access permissions as per ARM 100131_0000_02_en
(r0p0) document.
Change-Id: I9d33120f9480d742bcf7937e4b876f9d40c727e6
TrustZone protection can be programmed by both memory and TrustZone
address space controllers like DMC-500 and TZC-400. These peripherals
share a similar programmer's view.
Furthermore, it is possible to have multiple instances of each type of
peripheral in a system resulting in multiple programmer's views.
For example, on the TZC-400 each of the 4 filter units can be enabled
or disabled for each region. There is a single set of registers to
program the region attributes. On the DMC-500, each filter unit has its
own programmer's view resulting in multiple sets of registers to program
the region attributes. The layout of the registers is almost the same
across all these variations.
Hence the existing driver in `tzc400\tzc400.c` is refactored into the
new driver in `tzc\tzc400.c`. The previous driver file is still maintained
for compatibility and it is now deprecated.
Change-Id: Ieabd0528e244582875bc7e65029a00517671216d
This patch adds support for non-volatile counter authentication to
the Authentication Module. This method consists of matching the
counter values provided in the certificates with the ones stored
in the platform. If the value from the certificate is lower than
the platform, the boot process is aborted. This mechanism protects
the system against rollback.
The TBBR CoT has been updated to include this method as part of the
authentication process. Two counters are used: one for the trusted
world images and another for the non trusted world images.
** NEW PLATFORM APIs (mandatory when TBB is enabled) **
int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr);
This API returns the non-volatile counter value stored
in the platform. The cookie in the first argument may be
used to select the counter in case the platform provides
more than one (i.e. TBSA compliant platforms must provide
trusted and non-trusted counters). This cookie is specified
in the CoT.
int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr);
This API sets a new counter value. The cookie may be
used to select the counter to be updated.
An implementation of these new APIs for ARM platforms is also
provided. The values are obtained from the Trusted Non-Volatile
Counters peripheral. The cookie is used to pass the extension OID.
This OID may be interpreted by the platform to know which counter
must return. On Juno, The trusted and non-trusted counter values
have been tied to 31 and 223, respectively, and cannot be modified.
** IMPORTANT **
THIS PATCH BREAKS THE BUILD WHEN TRUSTED_BOARD_BOOT IS ENABLED. THE
NEW PLATFORM APIs INTRODUCED IN THIS PATCH MUST BE IMPLEMENTED IN
ORDER TO SUCCESSFULLY BUILD TF.
Change-Id: Ic943b76b25f2a37f490eaaab6d87b4a8b3cbc89a
Hence memmap device can be used to load an image without being wrapped in a
FIP.
Fixesarm-software/tf-issues#371
Signed-off-by: Gerald Lejeune <gerald.lejeune@st.com>
The PL011 initialization function disables the UART, flushes the FIFO
and waits for the current character to be transmitted before applying
the configuration and enabling the UART. This waiting might result in
a deadlock if the FIFO is disabled while another CPU is printing a
message since the flush of FIFO will never finish.
This patch fixes the problem by removing the flush operation and the
loop for last character completion from the initialization function.
The UART is disabled, configured and enabled again.
Change-Id: I1ca0b6bd9f352c12856f10f174a9f6eaca3ab4ea
This patch adds support for the `%p` format specifier in tf_printf()
following the example of the printf implementation of the stdlib used
in the trusted firmware.
FixesARM-software/tf-issues#292
Change-Id: I0b3230c783f735d3e039be25a9405f00023420da
This patch moves the private GIC common accessors from `gic_common.h` to
a new private header file `gic_common_private.h`. This patch also adds
additional comments to GIC register accessors to highlight the fact
that some of them access register values that correspond to multiple
interrupt IDs. The convention used is that the `set`, `get` and `clr`
accessors access and modify the values corresponding to a single interrupt
ID whereas the `read` and `write` GIC register accessors access the raw
GIC registers and it could correspond to multiple interrupt IDs depending
on the register accessed.
Change-Id: I2643ecb2533f01e3d3219fcedfb5f80c120622f9
The code to set the interrupt priority for secure interrupts in the
new GICv2 and GICv3 drivers is incorrect. The setup code to configure
interrupt priorities of secure interrupts, one interrupt at a time, used
gicd_write_ipriorityr()/gicr_write_ipriority() function affecting
4 interrupts at a time. This bug did not manifest itself because all the
secure interrupts were configured to the highest secure priority(0) during
cold boot and the adjacent non secure interrupt priority would be configured
later by the normal world. This patch introduces new accessors,
gicd_set_ipriorityr() and gicr_set_ipriorityr(), for configuring priority
one interrupt at a time and fixes the the setup code to use the new
accessors.
FixesARM-software/tf-issues#344
Change-Id: I470fd74d2b7fce7058b55d83f604be05a27e1341
GICD_IPRIORITYR and GICD_ITARGETSR specifically support byte addressing
so that individual interrupt priorities can be atomically updated by
issuing a single byte write. The previous implementation of
gicd_set_ipriority() and gicd_set_itargetsr() used 32-bit register
accesses, modifying values for 4 interrupts at a time, using a
read-modify-write approach. This potentially may cause concurrent changes
by other CPUs to the adjacent interrupts to be corrupted. This patch fixes
the issue by modifying these accessors to use byte addressing.
FixesARM-software/tf-issues#343
Change-Id: Iec28b5f5074045b00dfb8d5f5339b685f9425915
Currently, `ccn_snoop_dvm_domain_common()` is responsible for providing
a bitmap of HN-F and HN-I nodes in the interconnect. There is a request
node (RN) corresponding to the master interface (e.g. cluster) that needs
to be added or removed from the snoop/DVM domain. This request node is
removed from or added to each HN-F or HN-I node present in the bitmap
depending upon the type of domain.
The above logic is incorrect when participation of a master interface in
the DVM domain has to be managed. The request node should be removed
from or added to the single Miscellaneous Node (MN) in the system
instead of each HN-I node.
This patch fixes this by removing the intermediate
`ccn_snoop_dvm_domain_common()` and instead reads the MN registers to
get the needed node Id bitmap for snoop(HN-F bitmap) and DVM(MN bitmap)
domains.
Additionally, it renames `MN_DDC_SET_OFF` to `MN_DDC_SET_OFFSET` to
be inline with other macros.
Change-Id: Id896046dd0ccc5092419e74f8ac85e31b104f7a4
The PL011 TRM (ARM DDI 0183G) specifies that the UART must be
disabled before any of the control registers are programmed. The
PL011 driver included in TF does not disable the UART, so the
initialization in BL2 and BL31 is violating this requirement
(and potentially in BL1 if the UART is enabled after reset).
This patch modifies the initialization function in the PL011
console driver to disable the UART before programming the
control registers.
Register clobber list and documentation updated.
FixesARM-software/tf-issues#300
Change-Id: I839b2d681d48b03f821ac53663a6a78e8b30a1a1
Migrate all direct usage of __attribute__ to usage of their
corresponding macros from cdefs.h.
e.g.:
- __attribute__((unused)) -> __unused
Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
By default ARM TF is built with the '-pedantic' compiler flag, which
helps detecting violations of the C standard. However, the mbed TLS
library and its associated authentication module in TF used to fail
building with this compiler flag. As a workaround, the mbed TLS
authentication module makefile used to set the 'DISABLE_PEDANTIC'
TF build flag.
The compiler errors flagged by '-pedantic' in the mbed TLS library
have been fixed between versions 1.3.9 and 2.2.0 and the library now
properly builds with this compiler flag.
This patch fixes the remaining compiler errors in the mbed TLS
authentication module in TF and unsets the 'DISABLE_PEDANTIC' TF
build flag. This means that TF is now always built with '-pedantic'.
In particular, this patch:
* Removes the final semi-colon in REGISTER_COT() macro.
This semi-colon was causing the following error message:
drivers/auth/tbbr/tbbr_cot.c:544:23: error: ISO C does not allow
extra ';' outside of a function [-Werror=pedantic]
This has been fixed both in the mbed TLS authentication module
as well as in the certificate generation tool. Note that the latter
code didn't need fixing since it is not built with '-pedantic' but
the change has been propagated for consistency.
Also fixed the REGISTER_KEYS() and REGISTER_EXTENSIONS() macros,
which were suffering from the same issue.
* Fixes a pointer type.
It was causing the following error message:
drivers/auth/mbedtls/mbedtls_crypto.c: In function 'verify_hash':
drivers/auth/mbedtls/mbedtls_crypto.c:177:42: error: pointer of
type 'void *' used in arithmetic [-Werror=pointer-arith]
Change-Id: I7b7a04ef711efd65e17b5be26990d1a0d940257d
The 'ret' was missing in console_uninit() implementation, so the
program doesn't return from console_uninit(). Instead, it keeps
executing the following instructions which is not expected.
Change-Id: I810684f37f61c41c6f95a3bb36914d0765da8571
Signed-off-by: Jimmy Huang <jimmy.huang@mediatek.com>
This patch replaces all references to the SCP Firmware (BL0, BL30,
BL3-0, bl30) with the image terminology detailed in the TF wiki
(https://github.com/ARM-software/arm-trusted-firmware/wiki):
BL0 --> SCP_BL1
BL30, BL3-0 --> SCP_BL2
bl30 --> scp_bl2
This change affects code, documentation, build system, tools and
platform ports that load SCP firmware. ARM plaforms have been
updated to the new porting API.
IMPORTANT: build option to specify the SCP FW image has changed:
BL30 --> SCP_BL2
IMPORTANT: This patch breaks compatibility for platforms that use BL2
to load SCP firmware. Affected platforms must be updated as follows:
BL30_IMAGE_ID --> SCP_BL2_IMAGE_ID
BL30_BASE --> SCP_BL2_BASE
bl2_plat_get_bl30_meminfo() --> bl2_plat_get_scp_bl2_meminfo()
bl2_plat_handle_bl30() --> bl2_plat_handle_scp_bl2()
Change-Id: I24c4c1a4f0e4b9f17c9e4929da815c4069549e58
The mbed TLS library has introduced some changes in the API from
the 1.3.x to the 2.x releases. Using the 2.x releases requires
some changes to the crypto and transport modules.
This patch updates both modules to the mbed TLS 2.x API.
All references to the mbed TLS library in the code or documentation
have been updated to 'mbed TLS'. Old references to PolarSSL have
been updated to 'mbed TLS'.
User guide updated to use mbed TLS 2.2.0.
NOTE: moving up to mbed TLS 2.x from 1.3.x is not backward compatible.
Applying this patch will require an mbed TLS 2.x release to be used.
Also note that the mbed TLS license changed to Apache version 2.0.
Change-Id: Iba4584408653cf153091f2ca2ee23bc9add7fda4
The Server Base System Architecture document (ARM-DEN-0029)
specifies a generic UART device. The programmer's view of this
generic UART is a subset of the ARM PL011 UART. However, the
current PL011 driver in Trusted Firmware uses some features
that are outside the generic UART specification.
This patch modifies the PL011 driver to exclude features outside
the SBSA generic UART specification by setting the boolean build
option 'PL011_GENERIC_UART=1'. Default value is 0 (use full
PL011 features).
User guide updated.
FixesARM-software/tf-issues#216
Change-Id: I6e0eb86f9d69569bc3980fb57e70d6da5d91a737
Firmware update(a.k.a FWU) feature is part of the TBB architecture.
BL1 is responsible for carrying out the FWU process if platform
specific code detects that it is needed.
This patch adds support for FWU feature support in BL1 which is
included by enabling `TRUSTED_BOARD_BOOT` compile time flag.
This patch adds bl1_fwu.c which contains all the core operations
of FWU, which are; SMC handler, image copy, authentication, execution
and resumption. It also adds bl1.h introducing #defines for all
BL1 SMCs.
Following platform porting functions are introduced:
int bl1_plat_mem_check(uintptr_t mem_base, unsigned int mem_size,
unsigned int flags);
This function can be used to add platform specific memory checks
for the provided base/size for the given security state.
The weak definition will invoke `assert()` and return -ENOMEM.
__dead2 void bl1_plat_fwu_done(void *cookie, void *reserved);
This function can be used to initiate platform specific procedure
to mark completion of the FWU process.
The weak definition waits forever calling `wfi()`.
plat_bl1_common.c contains weak definitions for above functions.
FWU process starts when platform detects it and return the image_id
other than BL2_IMAGE_ID by using `bl1_plat_get_next_image_id()` in
`bl1_main()`.
NOTE: User MUST provide platform specific real definition for
bl1_plat_mem_check() in order to use it for Firmware update.
Change-Id: Ice189a0885d9722d9e1dd03f76cac1aceb0e25ed
Allowing console base address to be set to NULL conveniently
allows console driver to ignore further invocations to console_putc()
and console_getc(). This patch adds `console_uninit()` API to the
console driver which sets console base address as NULL. The BL images can
invoke this API to finish the use of console and ignore any further
invocations to print to the console.
Change-Id: I00a1762b3e0b7c55f2be2f9c4c9bee3967189dde
When resuming from system suspend the TZC needs to be
re-initialized. Hence the assertion for TZC base address
to detect re-initialization is removed.
Change-Id: I53d64146f6c919e95526441bb997f7b309c68141