NXP I2C driver support for NXP SoC(s).
Signed-off-by: York Sun <york.sun@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I234b76f9fa1b30dd13aa087001411370cc6c8dd0
NXP Security Monitor IP provides hardware anchored
- current security state of the SoC.
- Tamper detect etc.
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I8ff809fe2f3fd013844ab3d4a8733f53c2b06c81
NXP Security Fuse Processor is used to read and write
fuses.
- Fuses once written, are cannot be un-done.
- Used as trust anchor for monotonic counter,
different platform keys etc.
Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I347e806dd87078150fbbbfc28355bb44d9eacb9c
CCN API(s) to be used NXP SoC(s) are added.
These API(s) based on ARM CCN driver
- driver/arm/ccn
CCI API(s) to be used NXP SoC(s) are added.
These API(s) based on ARM CCI driver
- driver/arm/cci
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I7682c4c9bd42f63542b3ffd3cb6c5d2effe4ae0a
NXP TZC-400 API(s) to configure ddr regions are based on:
- drivers/arm/tzc
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I524433ff9fafe1170b13e99b7de01fe957b6d305
NXP Timer Apis are based on:
- drivers/delay_timer
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I2cbccf4c082a10affee1143390905b9cc99c3382
NXP SoCs, supports two types of UART controller:
- PL011 - using ARM drivers sources
- 16550 - using TI drivers source
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: Iacbcefd2b6e5d96f83fa00ad25b4f63a4c822bb4
Generic framework is added to include platform defined UUID.
This framework is added for the following:
- All NXP SoC based platforms needed additional fip-fuse.bin
- NXP SoC lx2160a based platforms requires additional fip-ddr.bin
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: Ibe05d9c596256e34077287a490dfcd5b731ef2cf
Conditional definition for the macro MAX_NUMBER_IDS.
This will allow to update this definition by the platform
specific implementation.
Since, NXP SoC lx2160a based platforms requires additional
FIP DDR to be loaded before initializing the DDR.
It requires addition of defines for DDR image IDs.
A dedicated header plat_tbbr_img_def.h is added to the platform
folder - plat/nxp/common/include/default/
Inclusion of this header file will depend on the compile time
flag PLAT_TBBR_IMG_DEF.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I4faba74dce578e2a34acbc8915ff75d7b8368cee
Incorrect value is picked for TF_MBEDTLS_USE_RSA defination,
even if the TF_MBEDTLS_RSA is enabled.
Due to which PK_DER_LEN is defined incorrectly.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I2ca4ca121e0287b88ea689c885ddcd45a34a3e91
Changes to 'tools/cert_create' folder, to include platform defined
certificates, keys, and extensions.
NXP SoC lx2160a : based platforms requires additional
FIP DDR to be loaded before initializing the DDR.
To enable chain of trust on these platforms, FIP DDR
image needs to be authenticated, additionally.
Platform specific folder 'tools/nxp/cert_create_helper'
is added to support platform specific macros and definitions.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I4752a30a9ff3aa1d403e9babe3a07ba0e6b2bf8f
Platforms, which requires additional images to be
verified using TBBR; such that their key certificate
is tied to TRUSTED_KEY_CERT.
For such platforms, if make commands runs twice:
- Once with targets as bl2 & fip.bin, and
- Again to build the target as the additional image.
then, if path to the TRUSTED_KEY_CERT varies in the
makefile with make-target of the additional image, then
there would be two location where "trusted_key.crt" will
be created.
This patch helps overriding the TRUSTED_KEY_CERT from any .mk
in the platform's makefile structure.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I775a2c409035504b21b0bbe5a4f9046898163eed
The devicetree binding document[1] for the /reserved-memory node demands
that the number of address and size-cells in the reserved-memory node
must match those values in the root node. So far we were forcing a
64-bit address along with a 32-bit size.
Adjust the code to query the cells values from the root node, and
populate the newly created /reserved-memory node accordingly.
This fixes the fdt_add_reserved_memory() function when called on a
devicetree which does not use the 2/1 pair. Linux is picky about this
and will bail out the parsing routine, effectively ignoring the
reserved-memory node:
[ 0.000000] OF: fdt: Reserved memory: unsupported node format, ignoring
[1] Documentation/devicetree/bindings/reserved-memory/reserved-memory.txt
in the Linux kernel source tree
Change-Id: Ie126ebab4f3fedd48e12c9ed4bd8fa123acc86d3
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
BIT24 of IPI command header is used to determine if caller is
secure or non-secure.
Mark BIT24 of IPI command header as non-secure if SMC caller
is non-secure.
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Abhyuday Godhasara <abhyuday.godhasara@xilinx.com>
Change-Id: Iec25af8f4b202093f58e858ee47cd9cd46890267
FF-A specification states that error codes should be typed int32_t.
SPMD's uses uint64_t for return values, which if assigned with a signed
type would have sign extension, and change the size of the return from
32-bit to 64-bit.
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I288ab2ffec8330a2fe1f21df14e22c34bd83ced3
Typically, interrupts for a specific security state get handled in the
same security execption level if the execution is in the same security
state. For example, if a non-secure interrupt gets fired when CPU is
executing in NS-EL2 it gets handled in the non-secure world.
However, interrupts belonging to the opposite security state typically
demand a world(context) switch. This is inline with the security
principle which states a secure interrupt has to be handled in the
secure world. Hence, the TSPD in EL3 expects the context(handle) for a
secure interrupt to be non-secure and vice versa.
The function "tspd_sel1_interrupt_handler" is the handler registered
for S-EL1 interrupts by the TSPD. Based on the above assumption, it
provides an assertion to validate if the interrupt originated from
non-secure world and upon success arranges entry into the TSP at
'tsp_sel1_intr_entry' for handling the interrupt.
However, a race condition between non-secure and secure interrupts can
lead to a scenario where the above assumptions do not hold true and
further leading to following assert fail.
This patch fixes the bug which causes this assert fail:
ASSERT: services/spd/tspd/tspd_main.c:105
BACKTRACE: START: assert
0: EL3: 0x400c128
1: EL3: 0x400faf8
2: EL3: 0x40099a4
3: EL3: 0x4010d54
BACKTRACE: END: assert
Change-Id: I359d30fb5dbb1429a4a3c3fff37fdc64c07e9414
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
The UEFI specification details the represenatation
for the EFI_GUID type. Add this representation to the
uuid_helper_t union type so that GUID definitions
can be shared verbatim between UEFI and TF-A header
files.
Change-Id: Ie44ac141f70dd0025e186581d26dce1c1c29fce6
Signed-off-by: Tomas Pilar <tomas@nuviainc.com>
1.Since in mmc_init, the most of mmc_device_info passed in are temporary variables.
In order to avoid referencing the released space on the stack when maybe MISUSED,
it`s better to use global variables to store mmc_device_info in mmc.c
2.Delete redundant;
Signed-off-by: deqi.hu@siengine.com
Change-Id: I51ae90e7f878b19b4963508b3f7ec66339015ebc
Versal is a72 based that's why there is no reason to build low level
assemble code for a53.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Change-Id: Iff9cf2582102d951825b87fd9af18e831ca717d6
The FF-A v1.0 spec allows two configurations for the number of EC/vCPU
instantiated in a Secure Partition:
-A MultiProcessor (MP) SP instantiates as many ECs as the number of PEs.
An EC is pinned to a corresponding physical CPU.
-An UniProcessor (UP) SP instantiates a single EC. The EC is migrated to
the physical CPU from which the FF-A call is originating.
This change permits exercising the latter case within the TF-A-tests
framework.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I7fae0e7b873f349b34e57de5cea496210123aea0
Add a lock and spin lock/unlock calls when accessing the fields of the
SPMD PM structure.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I9bab705564dc1ba003c29512b1f9be5f126fbb0d
Remove the former impdef SPMD service for SPMC entry point
registration. Replace with FFA_SECONDARY_EP_REGISTER ABI
providing a single entry point address into the SPMC for
primary and secondary cold boot.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I067adeec25fc12cdae90c15a616903b4ac4d4d83
Compiling BL31 for the Rockchip platform now produces a message about
the deprecation of gic_common.c.
Follow the advice and use include gicv2.mk instead.
Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
Change-Id: I396b977d57975dba27cfed801ad5264bbbde2b5e
The case for value "VCOREFS_SMC_CMD_INIT" is not
terminated by a "break" statement.
Signed-off-by: Roger Lu <roger.lu@mediatek.com>
Change-Id: I56cc7c1648e101c0da6e77e592e6edbd5d37724e
when updata routing of an SDEI event, if the registration flags
is SDEI_REGF_RM_PE, need to updata the affinity of shared event.
Signed-off-by: Tony Xie <tony.xie@rock-chips.com>
Change-Id: Ie5d7cc4199253f6af1c28b407f712caac3092d06
* changes:
drivers/gicv3: also shift eSPI register offset in GICD_OFFSET_64()
drivers/gicv3: add debug log for maximum INTID of SPI and eSPI
drivers/gicv3: limit SPI ID to avoid misjudgement in GICD_OFFSET()
drivers/gicv3: fix logical issue for num_eints
drivers/gicv3: fix potential GICD context override with ESPI enabled
drivers/gicv3: use mpidr to probe GICR for current CPU
Make the aarch64's el3_panic() function print a newline character after
PC address, otherwise the output can get mangled in one line with output
from other firmware. Here is an example of how the output of el3_panic()
got mangled with Linux' console output:
ERROR: Unhandled External Abort received on 0x80000001 at EL3!
ERROR: exception reason=1 syndrome=0x92000210
PANIC at PC : 0x0000000004027400[13438.473133] rcu: INFO: rcu_sched detected stalls on CPUs/tasks:
[13438.479255] rcu: 1-...0: (4 ticks this GP) idle=35e/1/0x4000000000000000 softirq=146459/146459 fqs=2625
The aarch32 version of this function already does this.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I9f0d032c6cd1e2be7a1837f9c8e8244d30633993