The previous commit added the infrastructure to load and save
ARMv8.3-PAuth registers during Non-secure <-> Secure world switches, but
didn't actually enable pointer authentication in the firmware.
This patch adds the functionality needed for platforms to provide
authentication keys for the firmware, and a new option (ENABLE_PAUTH) to
enable pointer authentication in the firmware itself. This option is
disabled by default, and it requires CTX_INCLUDE_PAUTH_REGS to be
enabled.
Change-Id: I35127ec271e1198d43209044de39fa712ef202a5
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
ARMv8.3-PAuth adds functionality that supports address authentication of
the contents of a register before that register is used as the target of
an indirect branch, or as a load.
This feature is supported only in AArch64 state.
This feature is mandatory in ARMv8.3 implementations.
This feature adds several registers to EL1. A new option called
CTX_INCLUDE_PAUTH_REGS has been added to select if the TF needs to save
them during Non-secure <-> Secure world switches. This option must be
enabled if the hardware has the registers or the values will be leaked
during world switches.
To prevent leaks, this patch also disables pointer authentication in the
Secure world if CTX_INCLUDE_PAUTH_REGS is 0. Any attempt to use it will
be trapped in EL3.
Change-Id: I27beba9907b9a86c6df1d0c5bf6180c972830855
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
This adds BL31 support to Intel Stratix10 SoCFPGA platform. BL31 in TF-A
supports:
- PSCI calls to enable 4 CPU cores
- PSCI mailbox calls for FPGA reconfiguration
Signed-off-by: Loh Tien Hock <tien.hock.loh@intel.com>
STM32MP1 chip embeds a dual Cortex-A7 and a Cortex-M4.
The support for Cortex-M4 clocks is added when configuring the clock tree.
Some minimal security features to allow communications between A7 and M4
are also added.
Change-Id: I60417e244a476f60a2758f4969700b2684056665
Signed-off-by: Yann Gautier <yann.gautier@st.com>
A link to st.com page describing STM32MP1 is added.
Add the information about Cortex-M4 embedded in STM32MP1.
Correct typo for u-boot command.
Change-Id: Ie900f6ee59461c5e7ad8a8b06854abaf41fca3ce
Signed-off-by: Yann Gautier <yann.gautier@st.com>
In case the PCIe controller receives a L1_Enter_PM DLLP, it will
disable the internal PLLs. The system software cannot predict it
and can attempt to perform device config space access across the
PCIe link while the controller is in this transitional state. If
such condition happens, the PCIe controller register access will
trigger ARM64 SError exception.
This patch adds checks for which PCIe controller is enabled,
checks whether the PCIe controller is in such a transitional
state and if so, first completes the transition and then restarts
the instruction which caused the SError.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
This documentation contains information about the boot sequence,
code location and build procedure for fvp_ve platform.
Change-Id: I339903f663cc625cfabc75ed8e4accb8b2c3917c
Signed-off-by: Usama Arif <usama.arif@arm.com>
Cortex A5 doesnt support VFP, Large Page addressing and generic timer
which are addressed in this patch. The device tree for Cortex a5
is also included.
Change-Id: I0722345721b145dfcc80bebd36a1afbdc44bb678
Signed-off-by: Usama Arif <usama.arif@arm.com>
Cortex a5 doesnt support hardware division such as sdiv and udiv commands.
This commit adds a software division function in assembly as well as include
appropriate files for software divison.
The software division algorithm is a modified version obtained from:
http://www.keil.com/support/man/docs/armasm/armasm_dom1359731155623.htm
Change-Id: Ib405a330da5f1cea1e68e07e7b520edeef9e2652
Signed-off-by: Usama Arif <usama.arif@arm.com>
Support 32bit descriptor MMU table. This is required by ARMv7
architectures that do not support the Large Page Address Extensions.
nonlpae_tables.c source file is dumped from the OP-TEE project:
core_mmu_armv7.c and related header files.
Change-Id: If912d66c374290c49c5a1211ce4c5c27b2d7dc60
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Usama Arif <usama.arif@arm.com>
This patch adds support for Versatile express FVP (Fast models).
Versatile express is a family of platforms that are based on ARM v7.
Currently this port has only been tested on Cortex A7, although it
should work with other ARM V7 cores that support LPAE, generic timers,
VFP and hardware divide. Future patches will support other
cores like Cortex A5 that dont support features like LPAE
and hardware divide. This platform is tested on and only expected to
work on single core models.
Change-Id: I10893af65b8bb64da7b3bd851cab8231718e61dd
Signed-off-by: Usama Arif <usama.arif@arm.com>
Change-Id: I2b75be16f452a8ab7c2445ccd519fb057a135812
Co-authored-by: John Tsichritzis <john.tsichritzis@arm.com>
Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
Commit 2559b2c825 ("xlat v2: Dynamically detect need for CnP bit")
modified the code to convert the compile-time check for ARMv8.2-TTCNP to
a runtime check, but forgot to update the documentation associated to it.
Change-Id: I6d33a4de389d976dbdcce65d8fdf138959530669
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
In a system with ARMv8.5-PMU implemented:
- If EL3 is using AArch32, setting MDCR_EL3.SCCD to 1 disables counting
in Secure state in PMCCNTR.
- If EL3 is using AArch64, setting SDCR.SCCD to 1 disables counting in
Secure state in PMCCNTR_EL0.
So far this effect has been achieved by setting PMCR_EL0.DP (in AArch64)
or PMCR.DP (in AArch32) to 1 instead, but this isn't considered secure
as any EL can change that value.
Change-Id: I82cbb3e48f2e5a55c44d9c4445683c5881ef1f6f
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
The variable is renamed to PLAT_ARM_RUN_UART as
the UART is used outside BL31 as well.
Change-Id: I00e3639dfb2001758b7d24548c11236c6335f64a
Signed-off-by: Usama Arif <usama.arif@arm.com>
Convert them to take an mpidr instead of a (cluster, core) pair. This
simplifies all of the call sites, and actually makes the functions a bit
smaller.
Signed-off-by: Samuel Holland <samuel@sholland.org>
Since commit 01fc1c24b9 ("BL31: Use helper function to save registers
in SMC handler") all the general-purpose registers are saved when
entering EL3. It isn't needed to save them here.
Change-Id: Ic540a5441b89b70888da587ab8fc3b2508cef8cc
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Armv8.5 introduces the field CSV2 to register ID_AA64PFR0_EL1. It can
have the following 3 values:
- 0: Branch targets trained in one hardware described context may affect
speculative execution in a different hardware described context. In
some CPUs it may be needed to apply mitigations.
- 1: Branch targets trained in one hardware described context can only
affect speculative execution in a different hardware described
context in a hard-to-determine way. No mitigation required.
- 2: Same as 1, but the device is also aware of SCXTNUM_ELx register
contexts. The TF doesn't use the registers, so there is no
difference with 1.
The field CSV2 was originally introduced in the TRM of the Cortex-A76
before the release of the Armv8.5 architecture. That TRM only mentions
the meaning of values 0 and 1. Because of this, the code only checks if
the field has value 1 to know whether to enable or disable the
mitigations.
This patch makes it aware of value 2 as well. Both values 1 and 2
disable the mitigation, and 0 enables it.
Change-Id: I5af33de25a0197c98173f52c6c8c77b51a51429f
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Add the device tree files to support the 2 discovery boards: DK1 & DK2.
Change-Id: I90b4797dc69bd0aab1b643a72c932ead48a03c1f
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Remove useless private structure in function prototypes.
Add a reference counter on clocks.
Prepare for future secured/shared/non-secured clocks.
Change-Id: I3dbed81721da5ceff5e10b2c4155b1e340c036ee
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Signed-off-by: Nicolas LE BAYON <nicolas.le.bayon@st.com>
This change makes the platform to panic in case of peripheral reset
resource malfunction.
Change-Id: I17eb9cb045b78a4e5142a8c33b744e84992d732a
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Nicolas LE BAYON <nicolas.le.bayon@st.com>
PWR, RCC, DDRPHYC & DDRCTRL addresses can be retrieved from device tree.
Platform asserts the value read from the DT are the SoC addresses.
Change-Id: I43f0890b51918a30c87ac067d3780ab27a0f59de
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Nicolas LE BAYON <nicolas.le.bayon@st.com>
Create a new file stm32mp_clkfunc.c to put functions that could be common
between several platforms.
Change-Id: Ica915c796b162b2345056b33328acc05035a242c
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Regulator configuration at boot takes more information from DT.
I2C configuration from DT is done in I2C driver.
I2C driver manages more transfer modes.
The min voltage of buck1 should also be increased to 1.2V,
else the platform does not boot.
Heavily modifies stm32_i2c.c since many functions move inside the source
file to remove redundant declarations.
Change-Id: I0bee5d776cf3ff15e687427cd6abc06ab237d025
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Signed-off-by: Nicolas LE BAYON <nicolas.le.bayon@st.com>
Remove the previously use function: get_timer, and use new functions
timeout_init_us and timeout_elapsed.
Change-Id: I4e95b123648bff7ca91e40462a2a3ae24cfe1697
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Nicolas LE BAYON <nicolas.le.bayon@st.com>
timeout_init_us(some_timeout_us); returns a reference to detect
timeout for the provided microsecond delay value from current time.
timeout_elapsed(reference) return true/false whether the reference
timeout is elapsed.
This change is inspired by the OP-TEE OS timeout resources [1].
[1] https://github.com/OP-TEE/optee_os/blob/3.4.0/core/arch/arm/include/kernel/delay.h#L45
Change-Id: Id81ff48aa49693f555dc621064878417101d5587
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Include all RCC, clocks and reset headers from stm32mp1_def.h
which if exported to the firmware through platform_def.h.
The same dependency removal is done in common code as well.
Some useless includes are also removed in stm32_sdmmc2 driver.
Change-Id: I731ea5775c3fdb7f7b0c388b93923ed5e84b8d3f
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Mainly remove suffix 1 from prefix stm32mp1 in several macros and functions
that can be used in drivers shared by different platforms.
Change-Id: I2295c44f5b1edac7e80a93c0e8dfd671b36e88e7
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Some parts of code could be shared with platform derivatives,
or new platforms.
A new folder plat/st/common is created to put common parts.
stm32mp_common.h is a common API aggregate.
Remove some casts where applicable.
Fix some types where applicable.
Remove also some platform includes that are already in stm32mp1_def.h.
Change-Id: I46d763c8d9e15732d1ee7383207fd58206d7f583
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Antonio Nino Diaz
Tien Hock, Loh
Yann Gautier
Marek Vasut
Usama Arif
Etienne Carriere
Sathees Balya
John Tsichritzis
Samuel Holland