This patch adds tegra_chipid_is_t194() function to check if it is a
Tegra 194 chip.
Change-Id: I6da6d3a2c9676b748931e42fde1b174cbcb4fd40
Signed-off-by: David Pu <dpu@nvidia.com>
This patch makes Tegra platform psci ops routines to static. These
routines are called by PSCI framework and no external linkage is
necessary. This patch also fixes MISRA C-2012 Rule 8.6 violations.
Change-Id: Idd2381809f76dc0fd578c1c92c0f8eea124f2e88
Signed-off-by: David Pu <dpu@nvidia.com>
Enable the spm_mm framework for the qemu_sbsa platform.
Memory layout required for spm_mm is created in secure SRAM.
Co-developed-by: Fu Wei <fu.wei@linaro.org>
Signed-off-by: Fu Wei <fu.wei@linaro.org>
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Change-Id: I104a623e8bc1e44d035b95f014a13b3f8b33a62a
* changes:
plat/arm: juno: Implement methods to retrieve soc-id information
plat/arm: fvp: Implement methods to retrieve soc-id information
plat/arm: remove common code for soc-id feature
Documented the CPU specific build macros created for AT
speculative workaround.
Updated the description of 'ERRATA_SPECULATIVE_AT' errata
workaround option.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ie46a80d4e8183c1d5c8b153f08742a04d41a2af2
As per latest mailing communication [1], we decided to
update AT speculative workaround implementation in order to
disable page table walk for lower ELs(EL1 or EL0) immediately
after context switching to EL3 from lower ELs.
Previous implementation of AT speculative workaround is available
here: 45aecff00
AT speculative workaround is updated as below:
1. Avoid saving and restoring of SCTLR and TCR registers for EL1
in context save and restore routine respectively.
2. On EL3 entry, save SCTLR and TCR registers for EL1.
3. On EL3 entry, update EL1 system registers to disable stage 1
page table walk for lower ELs (EL1 and EL0) and enable EL1
MMU.
4. On EL3 exit, restore SCTLR and TCR registers for EL1 which
are saved in step 2.
[1]:
https://lists.trustedfirmware.org/pipermail/tf-a/2020-July/000586.html
Change-Id: Iee8de16f81dc970a8f492726f2ddd57e7bd9ffb5
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
SCTLR and TCR registers of EL1 plays role in enabling/disabling of
page table walk for lower ELs (EL0 and EL1).
Hence re-arranged EL1 context offsets to have SCTLR and TCR registers
values one after another in the stack so that these registers values
can be saved and restored using stp and ldp instruction respectively.
Change-Id: Iaa28fd9eba82a60932b6b6d85ec8857a9acd5f8b
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Reported the status (applies, missing) of AT speculative workaround
which is applicable for below CPUs.
+---------+--------------+
| Errata | CPU |
+=========+==============+
| 1165522 | Cortex-A76 |
+---------+--------------+
| 1319367 | Cortex-A72 |
+---------+--------------+
| 1319537 | Cortex-A57 |
+---------+--------------+
| 1530923 | Cortex-A55 |
+---------+--------------+
| 1530924 | Cortex-A53 |
+---------+--------------+
Also, changes are done to enable common macro 'ERRATA_SPECULATIVE_AT'
if AT speculative errata workaround is enabled for any of the above
CPUs using 'ERRATA_*' CPU specific build macro.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I3e6a5316a2564071f3920c3ce9ae9a29adbe435b
In case of AT speculative workaround applied, page table walk
is disabled for lower ELs (EL1 and EL0) in EL3.
Hence added a wrapper function which temporarily enables page
table walk to execute AT instruction for lower ELs and then
disables page table walk.
Execute AT instructions directly for lower ELs (EL1 and EL0)
assuming page table walk is enabled always when AT speculative
workaround is not applied.
Change-Id: I4ad4c0bcbb761448af257e9f72ae979473c0dde8
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
As per latest mailing communication [1], we decided
not to update SCTLR and TCR registers in EL1 and EL2 context
restore routine when AT speculative workaround is enabled
hence reverted the changes done as part of this commit: 45aecff00.
[1]:
https://lists.trustedfirmware.org/pipermail/tf-a/2020-July/000586.html
Change-Id: I8c5f31d81fcd53770a610e302a5005d98772b71f
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Implemented platform functions to retrieve the soc-id information
for juno platform
Change-Id: Ie677120710b45e202a2d63a954459ece8a64b353
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Implemented platform functions to retrieve the soc-id information
for FVP platform.
Change-Id: Id3df02ab290a210310e8d34ec9d706a59d817517
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Removed common code for soc-id feature which is applicable
for all arm platforms.
In subsequent patches, added a platform based functions
for FVP and Juno to retrieve the soc-id information.
Change-Id: Idb632a935758a6caff2ca03a6eab8f663da8a93a
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Fixed build failure due to the commit:905f93c77 by removing
the inclusion of non-existent 'stdinit.h' file.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I8e3ca69c016b7a2354c58c4d384a492631c36286
SP804 TIMER is not platform specific, and current code base adds
multiple defines to use this driver. Like FVP_USE_SP804_TIMER and
FVP_VE_USE_SP804_TIMER.
This patch removes platform specific build flag and adds generic
flag `USE_SP804_TIMER` to be set to 1 by platform if needed.
Change-Id: I5ab792c189885fd1b98ddd187f3a38ebdd0baba2
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
The DRIVEVBUS power rail of the AXP803 PMIC is mostly used to supply
the USB bus power on micro USB sockets, when used in host mode. As this
is a dynamic operation, and mostly we want micro USB sockets to act in
client mode initially, BL31 should not actually enable this power line.
However, on some boards DRIVEVBUS is used to supply power to normal
USB-A sockets. Failing to activate this line there results in
non-functional USB in U-Boot on those boards.
For that reason we were enabling DRIVEVBUS so far, as it did not seem to
cause any harm to the other boards. However it turns out that on the
Pinephone (and other systems with a battery), actually enabling DRIVEVBUS
unconditionally causes serious problems (reboot loop).
To accommodate both use cases, without reverting to a build time option,
check the default OTG configuration in the devicetree. For boards with
USB-A sockets this is set to "host", on boards with micro-B sockets to
"otg". Depending on this setting, we either enable DRIVEVBUS or leave it
alone.
This fixes TF-A on the Pinephone and potentially other battery powered
devices.
Change-Id: Iec0e07f218b2b4393bf4e05c3386261f8ed19e9f
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Compiling BL31 for the Allwinner platform now produces a message about
the deprecation of gic_common.c.
Follow the advice and use include gicv2.mk instead.
Collect all includes at the beginning of the file on the way.
Change-Id: Iee46e21a630bfa831d28059f09aa7b049eb554bb
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Include the GICv2 makefile in STM32MP1 SP_min makefile, and use
${GICV2_SOURCES} instead of taking drivers/arm/gic files directly.
Change-Id: Ibcaed5b0bd17f6d8cf200e208c11cc10cd6d2ee5
Signed-off-by: Yann Gautier <yann.gautier@st.com>
* changes:
SPM: Add owner field to cactus secure partitions
SPM: Alter sp_gen.mk entry depending on owner of partition
plat/arm: enable support for Plat owned SPs
For supporting dualroot CoT for Secure Partitions a new optional field
"owner" is introduced which will be used to sign the SP with
corresponding signing domain. To demonstrate its usage, this patch adds
owners to cactus Secure Partitions.
Signed-off-by: Ruari Phipps <ruari.phipps@arm.com>
Change-Id: I7b760580355fc92edf5402cecc38c38125dc1cae
With recently introduced dualroot CoT for SPs where they are owned
either by SiP or by Platform. SiP owned SPs index starts at SP_PKG1_ID
while Plat owned SPs index starts at SP_PKG5_ID.
This patch modifies SP makefile generator script to take CoT as an
argument and if it is "dualroot" then generates SP_PKG in order
mentioned above, otherwise generates it sequentially.
Signed-off-by: Ruari Phipps <ruari.phipps@arm.com>
Change-Id: Iffad1131787be650a9462f6f8cc09b603cddb3b8
For Arm platforms SPs are loaded by parsing tb_fw_config.dts and
adding them to SP structure sequentially, which in-turn is appended to
loadable image list.
With recently introduced dualroot CoT for SPs where they are owned
either by SiP or by Platform. SiP owned SPs index starts at SP_PKG1_ID
and Plat owned SPs index starts at SP_PKG5_ID. As the start index of SP
depends on the owner, there should be a mechanism to parse owner of a SP
and put it at the correct index in SP structure.
This patch adds support for parsing a new optional field "owner" and
based on it put SP details(UUID & Load-address) at the correct index in
SP structure.
Change-Id: Ibd255b60d5c45023cc7fdb10971bef6626cb560b
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Ensuring that each file changed by a patch has the correct copyright and
license information does not only apply to documentation files but to
all files within the source tree.
Move the guidance for copyright and license headers out of the paragraph
about updating the documentation to avoid any confusion.
Also do some cosmetic changes (adding empty lines, fitting in longer
lines in the 80-column limit, ...) to improve the readability of the RST
file.
Change-Id: I241a2089ca9db70f5a9f26b7070b947674b43265
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
We have noticed that Phabricator (the ticketing system on tf.org [1])
has far less visibility within the community than the mailing list [2].
For this reason, let's drop usage of Phabricator for anything else than
bug reports. For the rest, advise contributors to start a discussion on
the mailing list, where they are more likely to get feedback.
[1] https://developer.trustedfirmware.org/project/board/1/
[2] https://lists.trustedfirmware.org/mailman/listinfo/tf-a
Change-Id: I7d2d3d305ad0a0f8aacc2a2f25eb5ff429853a3f
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
This resolves MISRA defects such as:
plat/common/plat_bl1_common.c:63:[MISRA C-2012 Rule 14.4 (required)]
The condition expression "1" does not have an essentially boolean type.
Change-Id: I679411980ad661191fbc834a44a5eca5494fd0e2
Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
We relyed on the default signed-ness of constants, which is usually
signed. This can create MISRA violations, such as:
bl1/bl1_main.c:257:[MISRA C-2012 10.8 (required)] Cast of composite
expression off essential type signed to essential type unsigned
These constants were only used as unsigned, so this patch makes them
explicitly unsigned.
Change-Id: I5f1310c881e936077035fbb1d5ffb449b45de3ad
Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
There was a collision between the name of the typedef in the CASSERT and
something else, so we make the name of the typedef unique to the
invocation of DEFFINE_SVC_UUID2 by appending the name that's passed into
the macro. This eliminates the following MISRA violation:
bl1/bl1_main.c:233:[MISRA C-2012 Rule 5.6 (required)] Identifier
"invalid_svc_uuid" is already used to represent a typedef.
This also resolves MISRA rule 5.9.
These renamings are as follows:
* tzram -> secram. This matches the function call name as it has
sec_mem in it's name
* fw_config_base -> config_base. This file does not mess with
hw_conig, so there's little chance of confusion
Change-Id: I8734ba0956140c8e29b89d0596d10d61a6ef351e
Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
This patch adds RNG driver and use it to generate random number for stack
protection.
Change-Id: I73d79e68d08b5aa902dc7fad48e17a03f996178d
Signed-off-by: Saurabh Gorecha <sgorecha@codeaurora.org>
Following f3ccf036ec the INFO print in amu_enable is causing
a lot of print outs on UART1 in DEBUG mode especially on PSCI test
cases because CPU_ON or SUSPEND operations call:
cm_prepare_el3_exit => enable_extensions_nonsecure => amu_enable.
PSCI SUSPEND is also very frequent in linux boot cases causing test
timeout failures.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I63581f8fa489d44b3b1d10af3b7f6fdf3af44720
For dualroot CoT there are two sets of SP certificates, one owned by
Silicon Provider(SiP) and other owned by Platform. Each certificate can
have a maximum of 4 SPs.
This patch reduces the number of SiP owned SPs from 8 to 4 and adds
the remaining 4 to Plat owned SP.
Plat owned SP certificate is signed using Platform RoT key and
protected against anti-rollback using the Non-trusted Non-volatile
counter.
Change-Id: Idc3ddd87d6d85a5506a7435f45a6ec17c4c50425
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Add support to generate a certificate named "plat-sp-cert" for Secure
Partitions(SP) owned by Platform.
Earlier a single certificate file "sip-sp-cert" was generated which
contained hash of all 8 SPs, with this change SPs are divided into
two categories viz "SiP owned" and "Plat owned" containing 4 SPs each.
Platform RoT key pair is used for signing.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I5bd493cfce4cf3fc14b87c8ed1045f633d0c92b6
David Pu
Masahisa Kojima
Alexei Fedorov
Manish Pandey
Manish V Badarkhe
Mark Dykes
Madhukar Pappireddy
Andre Przywara
Sandrine Bailleux
Varun Wadekar
Yann Gautier
Ruari Phipps
Jimmy Brisson
joanna.farley
Saurabh Gorecha
Olivier Deprez