The platform sip is reporting a "unsupported function ID" if the
smc function id is not pmc command. When actually the smc function id
could be specific to the tegra sip handler.
This patch removes the error reported.
Change-Id: Ia3c8545d345746c5eea6d75b9e6957ca23ae9ca3
Signed-off-by: Kalyani Chidambaram <kalyanic@nvidia.com>
SMMU and MC registers are saved as part of the System Suspend sequence.
The register list includes some NS world SMMU registers that need to be
saved by NS world software instead. All that remains as a result are
the MC registers.
This patch moves code to MC file as a result and renames all the
variables and defines to use the MC prefix instead of SMMU. The
Tegra186 and Tegra194 platform ports are updated to provide the MC
context register list to the parent driver. The memory required for
context save is reduced due to removal of the SMMU registers.
Change-Id: I83a05079039f52f9ce91c938ada6cd6dfd9c843f
Signed-off-by: Pritesh Raithatha <praithatha@nvidia.com>
This patch fixes the SE clock ID being used for Tegra186 and Tegra194
SoCs. Previous assumption, that both SoCs use the same clock ID, was
incorrect.
Change-Id: I1ef0da5547ff2e14151b53968cad9cc78fee63bd
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
The platform code already contains the initial set of MC SID
security configs to be locked during boot. This patch adds some
more configs to the list. Since the reset value of these registers
is already as per expectations, there is no need to change it.
MC SID security configs
- PTCR,
- MIU6R, MIU6W, MIU7R, MIU7W,
- MPCORER, MPCOREW,
- NVDEC1SRD, NVDEC1SRD1, NVDEC1SWR.
Change-Id: Ia9a1f6a6b6d34fb2787298651f7a4792a40b88ab
Signed-off-by: Pritesh Raithatha <praithatha@nvidia.com>
The BL3-1 firmware code is stored in TZSRAM on Tegra194 platforms. This
memory loses power when we enter System Suspend and so its contents are
stored to TZDRAM, before entry. This opens up an attack vector where the
TZDRAM contents might be tampered with when we are in the System Suspend
mode. To mitigate this attack the SE engine calculates the hash of entire
TZSRAM and stores it in PMC scratch, before we copy data to TZDRAM. The
WB0 code will validate the TZDRAM and match the hash with the one in PMC
scratch.
This patch adds driver for the SE engine, with APIs to calculate the hash
and store to PMC scratch registers.
Change-Id: I04cc0eb7f54c69d64b6c34fc2ff62e4cfbdd43b2
Signed-off-by: Jeetesh Burman <jburman@nvidia.com>
This patch saves the TZDRAM base and size values to secure scratch
registers, for the WB0. The WB0 reads these values and uses them to
verify integrity of the TZDRAM aperture.
Change-Id: I2f5fd11c87804d20e2698de33be977991c9f6f33
Signed-off-by: Jeetesh Burman <jburman@nvidia.com>
armclang displays warnings for extra parentheses, leading to
build failures as warnings are treated as errors.
This patch removes the extra parentheses to fix this issue.
Change-Id: Id2fd6a3086590436eecabc55502f40752a018131
Signed-off-by: Kalyani Chidambaram <kalyanic@nvidia.com>
* changes:
stm32mp1: platform.mk: support generating multiple images in one build
stm32mp1: platform.mk: migrate to implicit rules
stm32mp1: platform.mk: derive map file name from target name
stm32mp1: platform.mk: generate linker script with fixed name
stm32mp1: platform.mk: use PHONY for the appropriate targets
* changes:
Factor xlat_table sections in linker scripts out into a header file
xlat_tables_v2: use ARRAY_SIZE in REGISTER_XLAT_CONTEXT_FULL_SPEC
xlat_tables_v2: merge REGISTER_XLAT_CONTEXT_{FULL_SPEC,RO_BASE_TABLE}
TF-A has so many linker scripts, at least one linker script for each BL
image, and some platforms have their own ones. They duplicate quite
similar code (and comments).
When we add some changes to linker scripts, we end up with touching
so many files. This is not nice in the maintainability perspective.
When you look at Linux kernel, the common code is macrofied in
include/asm-generic/vmlinux.lds.h, which is included from each arch
linker script, arch/*/kernel/vmlinux.lds.S
TF-A can follow this approach. Let's factor out the common code into
include/common/bl_common.ld.h
As a start point, this commit factors out the xlat_table section.
Change-Id: Ifa369e9b48e8e12702535d721cc2a16d12397895
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
* changes:
plat/arm: Pass cookie argument down to arm_get_rotpk_info()
plat/arm: Add support for dualroot CoT
plat/arm: Provide some PROTK files for development
This patch provides separation of GICD, GICR accessor
functions and adds new macros for GICv3 registers access
as a preparation for GICv3.1 and GICv4 support.
NOTE: Platforms need to modify to include both
'gicdv3_helpers.c' and 'gicrv3_helpers.c' instead of the
single helper file previously.
Change-Id: I1641bd6d217d6eb7d1228be3c4177b2d556da60a
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
This patch saves the TZDRAM base and size values to secure scratch
registers, for the WB0. The WB0 reads these values and uses them to
verify integrity of the TZDRAM aperture.
Change-Id: Ic70914cb958249f06cb58025a24d13734a85e16e
Signed-off-by: Jeetesh Burman <jburman@nvidia.com>
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
The BL3-1 firmware code is stored in TZSRAM on Tegra186 platforms. This
memory loses power when we enter System Suspend and so its contents are
stored to TZDRAM, before entry. This opens up an attack vector where the
TZDRAM contents might be tampered with when we are in the System Suspend
mode. To mitigate this attack the SE engine calculates the hash of entire
TZSRAM and stores it in PMC scratch, before we copy data to TZDRAM. The
WB0 code will validate the TZDRAM and match the hash with the one in PMC
scratch.
This patch adds driver for the SE engine, with APIs to calculate the hash
and store SE SHA256 hash-result to PMC scratch registers.
Change-Id: Ib487d5629225d3d99bd35d44f0402d6d3cf27ddf
Signed-off-by: Jeetesh Burman <jburman@nvidia.com>
This patch enables the bpmp-ipc driver for Tegra186 platforms,
to ask BPMP firmware to toggle SE clock.
Change-Id: Ie63587346c4d9b7e54767dbee17d0139fa2818ae
Signed-off-by: Jeetesh Burman <jburman@nvidia.com>
ERRATA_A57_829520 disables "indirect branch prediction" for
EL1 on cpu reset, leading to 15% drop in CPU performance
with coremark benchmarks.
Tegra210 already has a hardware fix for ARM BUG#829520,so
this errata is not needed.
This patch disables the errata to get increased performance
numbers.
Change-Id: I0b42e8badd19a8101f6a55d80eb2d953597d3c20
Signed-off-by: Mithun Maragiri <mmaragiri@nvidia.com>
This patch adds support for memqual miu 4,5.
The MEMQUAL engine has miu0 to miu7 in which miu6 and
miu7 is hardwired to bypass SMMU. So only miu0 to miu5
support is provided.
Change-Id: Ib350334eec521e65f395f1c3205e2cdaf464ebea
Signed-off-by: Pravin <pt@nvidia.com>
As bpmp-fw is running at the same time as ATF, and
the mss client reconfiguration sequence involves performing
a hot flush resets on bpmp, there is a chance that bpmp-fw is
trying to perform accesses while the hot flush is active.
Therefore, the mss client reconfigure has been moved to
System Suspend resume fw and bootloader, and it can be
removed from here.
Change-Id: I34019ad12abea9681f5e180af6bc86f2c4c6fc74
Signed-off-by: Stefan Kristiansson <stefank@nvidia.com>
This patch removes usage of bakery_locks from the FIQ handler, as it
creates unnecessary dependency whenever the watchdog timer interrupt
fires. All operations inside the interrupt handler are 'reads', so
no need for serialization.
Change-Id: I3f675e610e4dabc5b1435fdd24bc28e424f5a8e4
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Tegra210B01 SoCs support atomic context save for the two SE
hardware engines. Tegra210 SoCs have support for only one SE
engine and support a software based save/restore mechanism
instead.
This patch updates the SE driver to make this change.
Change-Id: Ia5e5ed75d0fe011f17809684bbc2ed2338925946
Signed-off-by: Harvey Hsieh <hhsieh@nvidia.com>
Update the list to include PMC registers that the NS world cannot
access even with smc calls.
Change-Id: I588179b56ebc0c29200b55e6d61535fd3a7a3b7e
Signed-off-by: kalyani chidambaram <kalyanic@nvidia.com>
This patch resets the macros to update the CPUACTLR_ELx to make
them generic for all exception levels.
Change-Id: I33e9b860efb543934b654a2f5d775135df7f1aa6
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
This patch provides a fix for incorrect crash dump data for
lower EL when TF-A is built with HANDLE_EA_EL3_FIRST=1 option
which enables routing of External Aborts and SErrors to EL3.
Change-Id: I9d5e6775e6aad21db5b78362da6c3a3d897df977
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Currently, the ROM region is needlessly too large.
The on-chip SRAM region of the next SoC will start from 0x04000000,
and this will cause the region overlap.
Mapping 0x04000000 for the ROM is enough.
Change-Id: I85ce0bb1120ebff2e3bc7fd13dc0fd15dfff5ff6
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Enable encryption IO layer to be stacked above FIP IO layer for optional
encryption of Bl31 and BL32 images in case ENCRYPT_BL31 or ENCRYPT_BL32
build flag is set.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Change-Id: I24cba64728861e833abffc3d5d9807599c49feb6
TBBR spec advocates for optional encryption of firmwares (see optional
requirement: R060_TBBR_FUNCTION). So add an IO abstaction layer to
support firmware decryption that can be stacked above any underlying IO/
packaging layer like FIP etc. It aims to provide a framework to load any
encrypted IO payload.
Also, add plat_get_enc_key_info() to be implemented in a platform
specific manner as handling of encryption key may vary from one platform
to another.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Change-Id: I9892e0ddf00ebecb8981301dbfa41ea23e078b03
Some boards (f.e. Verdin i.MX8M Mini) use different UART base address
for serial debug output, so make this value configurable (as a
build option).
Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com>
Change-Id: I988492ccecbc3f64a5153b381c4a97b8a0181f52
Since commit ac71344e9e we have the UART base address in the generic
console_t structure. For most platforms the platform-specific struct
console is gone, so we *must* use the embedded base address, since there
is no storage behind the generic console_t anymore.
Replace the usage of CONSOLE_T_DRVDATA with CONSOLE_T_BASE to fix this.
Change-Id: I6d2ab0bc2c845c71f98b9dd64d89eef3252f4591
Reported-by: Varun Wadekar <vwadekar@nvidia.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Commit ac71344e9e moved the base address
for the MMIO aperture of the console inside the console_t struct. As
a result, the driver should now save the MMIO base address to console_t
at offset marked by the CONSOLE_T_BASE macro.
This patch updates the SPE console driver to use the CONSOLE_T_BASE macro
to save/access the MMIO base address.
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Change-Id: I42afc2608372687832932269108ed642f218fd40
This patch implements loading of Secure Partition packages using
existing framework of loading other bl images.
The current framework uses a statically defined array to store all the
possible image types and at run time generates a link list and traverse
through it to load different images.
To load SPs, a new array of fixed size is introduced which will be
dynamically populated based on number of SPs available in the system
and it will be appended to the loadable images list.
Change-Id: I8309f63595f2a71b28a73b922d20ccba9c4f6ae4
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Added SPMD_SPM_AT_SEL2 build command line parameter.
Set to 1 to run SPM at S-EL2.
Set to 0 to run SPM at S-EL1 (pre-v8.4 or S-EL2 is disabled).
Removed runtime EL from SPM core manifest.
Change-Id: Icb4f5ea4c800f266880db1d410d63fe27a1171c0
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
Renamed the structure according to a SPMD refactoring
introduced in <c585d07aa> since this structure is used
to service both EL1 and EL2 as opposed to serving only EL1.
Change-Id: I23b7c089e53f617157a4b4e6443acce50d85c3b5
Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
Add load address and UUID in fw config dts for Cactus and Ivy which are
example SP's in tf-test repository.
For prototype purpose these information is added manually but later on
it will be updated at compile time from SP layout file and SP manifests
provided by platform.
Change-Id: I41f485e0245d882c7b514bad41fae34036597ce4
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Use the firmware configuration framework to retrieve information about
Secure Partitions to facilitate loading them into memory.
To load a SP image we need UUID look-up into FIP and the load address
where it needs to be loaded in memory.
This patch introduces a SP populator function which gets UUID and load
address from firmware config device tree and updates its C data
structure.
Change-Id: I17faec41803df9a76712dcc8b67cadb1c9daf8cd
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
On Hikey960 if outputs GPIO176 low level, it can tell PMIC to power off
the whole board. To avoid resetting the board and stay off, it also
requires the SW2201's three switches 1/2/3 need to be all set to 0.
Since current code doesn't contain complete GPIO modules and misses to
support GPIO176. This patch adds all known GPIO modules and initialize
GPIO in BL31, and adds system power off callback to use GPIO176 for PMIC
power off operation.
Change-Id: Ia88859b8b7c87c061420ef75f0de3e2768667bb0
Signed-off-by: Leo Yan <leo.yan@linaro.org>
* changes:
board/rddaniel: intialize tzc400 controllers
plat/arm/tzc: add support to configure multiple tzc400
plat/arm: allow boards to specify second DRAM Base address
plat/arm: allow boards to define PLAT_ARM_TZC_FILTERS
Kalyani Chidambaram
Varun Wadekar
Pritesh Raithatha
Jeetesh Burman
Mark Dykes
Sandrine Bailleux
Olivier Deprez
Masahiro Yamada
Alexei Fedorov
Mithun Maragiri
Pravin
Stefan Kristiansson
Harvey Hsieh
Sumit Garg
Manish Pandey
Igor Opaniuk
Andre Przywara
Max Shvetsov
Leo Yan