NXP SoC supports two TBB mode:
- MBED_TLS based
-- ROTK key hash is placed as part of the BL2 binary at section:
--- .rodata.nxp_rotpk_hash
-- Supporting non-volatile counter via SFP.
-- platform function used by TFA common authentication code.
- NXP CSF based
-- ROTK key deployment vary from MBEDTLS
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: Ib0f0bf024fd93de906c5d4f609383ae9e02b2fbc
All of the NXP SoC, needs fip_fuse image to be
loaded additionally as part of preparation for Trusted board boot
- fip_fuse.bin contains an image for auto fuse provisioning.
- Auto fuse provisioning is based on the input file with values for:
-- SRK Hash
-- OTPMK
-- misc. refer board manual for more details.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I26d4024fefe352d967ca120191f784f1f47aa9d1
Few of the NXP SoC like LX2160A, needs ddr-phy images to be
loaded additionally before DDR initialization
- fip_ddr.bin is created containing upto 6 ddr images.
- With TRUSTED_BOARD_BOOT = 1, fip_ddr.bin is authenticated
first before loading and starting DDR initialization.
- To successfully compile this image, platform-defined header files
needs to be defined:
-- include/common/tbbr/tbbr_img_def.h uses:
--- plat_tbbr_img_def.h: platform specific new FIP image macros.
-- include/tools/share/firmware_image_package.h uses:
--- plat_def_fip_uuid.h: platform specific new UUID macros.
---- Added UUID for DDR images to create FIP-DDR.
---- Added UUID for FUSE provisioning images to create FIP-fuse.
-- include/tools/share/tbbr_oid.h uses:
--- platform_oid.h: platform specific new OID macros.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: Icbcf1673a8c398aae98680b5016f4276b4864b91
function load_img(), is dependent on:
- Recursively calling load_image() defined in common/bl_common.c
- for each image in the fip.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I57ca4b666cd1b0b992b7c0fc2a4260b558c0e2a9
bl31-data file written in assembly helps to manage data at bl31.
Signed-off-by: rocket <rod.dorris@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: Ic3ace03364648cc1174bb05b5b334b9ccdaaa4ed
This works even on SoCs that do not have an ARISC, and it avoids
clobbering whatever ARISC firmware might be running.
Change-Id: I9f2fed597189bb387de79e8e76a7da3375e1ee91
Signed-off-by: Samuel Holland <samuel@sholland.org>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Adds a number of definitions consistent with the established WaRP7
equivalents specifying number of io_handles and block devices.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Change-Id: If1d7ef1ad3ac3dfc860f949392c7534ce8d206e3
Allows for exporting of FIP related methods cleanly in a private header.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Change-Id: I8523f1370312ed22ff7ca710cd916be52f725e3c
TZC400 is configured to raise an interrupt in case of faulty access.
Call the new added tzc400_it_handler, in case this interrupt occurs.
Change-Id: Iaf4fa408a8eff99498042e11e2d6177bad39868c
Signed-off-by: Yann Gautier <yann.gautier@st.com>
On STM32MP15, only filters 0 and 1 are used.
Use TZC_400_REGION_ATTR_FILTER_BIT() macro for those 2 filters 0 and 1
instead of U(3).
Change-Id: Ibc61823842ade680f59d5b66b8db59b6a30080e4
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Addresses the deprecation warning produced by
drivers/arm/gic/common/gic_common.c.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Change-Id: I1a3ff4835d0f94c74b405db10622e99875ded82b
BIT24 of IPI command header is used to determine if caller is
secure or non-secure.
Mark BIT24 of IPI command header as non-secure if SMC caller
is non-secure.
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Abhyuday Godhasara <abhyuday.godhasara@xilinx.com>
Change-Id: Iec25af8f4b202093f58e858ee47cd9cd46890267
Versal is a72 based that's why there is no reason to build low level
assemble code for a53.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Change-Id: Iff9cf2582102d951825b87fd9af18e831ca717d6
The FF-A v1.0 spec allows two configurations for the number of EC/vCPU
instantiated in a Secure Partition:
-A MultiProcessor (MP) SP instantiates as many ECs as the number of PEs.
An EC is pinned to a corresponding physical CPU.
-An UniProcessor (UP) SP instantiates a single EC. The EC is migrated to
the physical CPU from which the FF-A call is originating.
This change permits exercising the latter case within the TF-A-tests
framework.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I7fae0e7b873f349b34e57de5cea496210123aea0
Compiling BL31 for the Rockchip platform now produces a message about
the deprecation of gic_common.c.
Follow the advice and use include gicv2.mk instead.
Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
Change-Id: I396b977d57975dba27cfed801ad5264bbbde2b5e
The case for value "VCOREFS_SMC_CMD_INIT" is not
terminated by a "break" statement.
Signed-off-by: Roger Lu <roger.lu@mediatek.com>
Change-Id: I56cc7c1648e101c0da6e77e592e6edbd5d37724e
1 Only enable domain D0 and D1:PCIe access 0xC0000000~0xC4000000;
2 Only enable domain D0 and D3(SCP) access 0x50000000~0x51400000;
Signed-off-by: Xi Chen <xixi.chen@mediatek.com>
Change-Id: Ic4f9e6d85bfd1cebdb24ffc1d14309c89c103b2a
Low Power Management (LPM) helps find a suitable configuration
for letting system entering idle or suspend with the most
resources off.
Change-Id: Ie6a7063b666cf338cff5bc972c9025b26de482eb
Signed-off-by: Roger Lu <roger.lu@mediatek.com>
Add support for ZU43DR, ZU46DR and ZU47DR to the list of zynqmp
devices. The ZU43DR, ZU46DR and ZU47DR RFSoC silicon id values are
0x7d, 0x78 and 0x7f.
Signed-off-by: Sandeep Gundlupet Raju <sandeep.gundlupet-raju@xilinx.com>
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Acked-by: Michal Simek <michal.simek@xilinx.com>
Change-Id: I566f707116d83475de7c87a6004ca96bf7bccebe
This commit fixes the wrong memory type, secure NOR flash
shall be mapped as MT_DEVICE.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Change-Id: I9c9ed51675d84ded675bb56b2e4ec7a08184c602
sbsa-ref in QEMU may create up to 512 cores.
This commit prepares the MP information to support 512 cores.
The number of xlat tables for spm_mm is also increased.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Change-Id: I2788eaf6d14e188e9b5d1102d359b2899e02df7c
* changes:
plat/marvell/armada: cleanup MSS SRAM if used for copy
plat/marvell: cn913x: allow CP1/CP2 mapping at BLE stage
plat/marvell/armada/common/mss: use MSS SRAM in secure mode
include/drivers/marvell/mochi: add detection of secure mode
plat/marvell: fix SPD handling in dram port
marvell: drivers: move XOR0/1 DIOB from WIN 0 to 1
drivers/marvell/mochi: add support for cn913x in PCIe EP mode
drivers/marvell/mochi: add missing stream IDs configurations
plat/marvell/armada/a8k: support HW RNG by SMC
drivers/rambus: add TRNG-IP-76 driver
This patch cleans up the MSS SRAM if it was used for MSS image
copy (secure boot mode).
Change-Id: I23f600b512050f75e63d59541b9c21cef21ed313
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Reviewed-on: https://sj1git1.cavium.com/c/IP/SW/boot/atf/+/30099
Reviewed-by: Stefan Chulski <stefanc@marvell.com>
Tested-by: sa_ip-sw-jenkins <sa_ip-sw-jenkins@marvell.com>
Map IO WIN to CP1 and CP2 at all stages including the BLE.
Do not map CP1/CP2 if CP_NUM is lower than 2 and 3 accordingly.
This patch allows access to CP1/CP2 internal registers at
BLE stage if CP1/CP2 are connected.
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Change-Id: Icf9ffdf2e9e3cdc2a153429ffd914cc0005f9eca
Reviewed-on: https://sj1git1.cavium.com/c/IP/SW/boot/atf/+/36939
Tested-by: sa_ip-sw-jenkins <sa_ip-sw-jenkins@marvell.com>
Reviewed-by: Stefan Chulski <stefanc@marvell.com>
Reviewed-by: Nadav Haklai <nadavh@marvell.com>
Reviewed-by: Yi Guo <yi.guo@cavium.com>
Reviewed-by: Ofer Heifetz <oferh@marvell.com>
The CP MSS IRAM is only accessible by CM3 CPU and MSS DMA.
In secure boot mode the MSS DMA is unable to directly load
the MSS FW image from DRAM to IRAM.
This patch adds support for using the MSS SRAM as intermediate
storage. The MSS FW image is loaded by application CPU into the
MSS SRAM first, then transferred to MSS IRAM by MSS DMA.
Such change allows the CP MSS image load in secure mode.
Change-Id: Iee7a51d157743a0bdf8acb668ee3d599f760a712
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Reviewed-by: Stefan Chulski <stefanc@marvell.com>
Reviewed-by: Grzegorz Jaszczyk <jaszczyk@marvell.com>
Removing the custom crash implementation and use
plat/common/aarch64/crash_console_helpers.S.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: I045d42eb62bcaf7d1e18fbe9ab9fb9470e800215
* changes:
allwinner: Split native and SCPI-based PSCI implementations
allwinner: psci: Improve system shutdown/reset sequence
allwinner: psci: Drop .pwr_domain_pwr_down_wfi callback
allwinner: Separate code to power off self and other CPUs
Rename rd_n1e1_edge_scmi_plat_info array to plat_rd_scmi_info as the
same array is used to provide SCMI platform info across mulitple RD
platforms and is not resitricted to only RD-N1 and RD-E1 platforms.
Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
Change-Id: I42ba33e0afa3003c731ce513c6a5754b602ec01f
Now that we have a framework for the SMCCC TRNG interface, and the
existing Juno entropy code has been prepared, add the few remaining bits
to implement this interface for the Juno Trusted Entropy Source.
We retire the existing Juno specific RNG interface, and use the generic
one for the stack canary generation.
Change-Id: Ib6a6e5568cb8e0059d71740e2d18d6817b07127d
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
The Juno Trusted Entropy Source has a bias, which makes the generated
raw numbers fail a FIPS 140-2 statistic test.
To improve the quality of the numbers, we can use the CPU's CRC
instructions, which do a decent job on conditioning the bits.
This adds a *very* simple version of arm_acle.h, which is typically
provided by the compiler, and contains the CRC instrinsics definitions
we need. We need the original version by using -nostdinc.
Change-Id: I83d3e6902d6a1164aacd5060ac13a38f0057bd1a
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
NXP specifc macro SET_NXP_MAKE_FLAG is added.
NXP has pool of multiple IPs. This macro helps:
- In soc.mk, this macro help the selected IP source files to be included
for that SoC.
-- The set of IPs required for one NXP SoC is different to the set of IPs
required by another NXP SoC.
- For the same SoC,
-- For one feature, the IP may be required in both BL2 and BL31.
-- Without the above feature, that IP may be required in one.
This macro help in selecting the inclusion of source and header files to:
--- BL2 only
--- BL31 only
--- COMM (used by BL2 and BL31)
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I2cdb13b89aa815fc5219cf8bfb9666d0a9f78765
Currently we use the Juno's TRNG hardware entropy source to initialise
the stack canary. The current function allows to fill a buffer of any
size, but we will actually only ever request 16 bytes, as this is what
the hardware implements. Out of this, we only need at most 64 bits for
the canary.
In preparation for the introduction of the SMCCC TRNG interface, we
can simplify this Juno specific interface by making it compatible with
the generic one: We just deliver 64 bits of entropy on each call.
This reduces the complexity of the code. As the raw entropy register
readouts seem to be biased, it makes sense to do some conditioning
inside the juno_getentropy() function already.
Also initialise the TRNG hardware, if not already done.
Change-Id: I11b977ddc5417d52ac38709a9a7b61499eee481f
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
The DRAM port code issues a dummy write to SPD page-0 i2c address
in order to select this page for the forthcoming read transaction.
If the write buffer length supplied to i2c_write is not zero, this
call is translated to 2 bus transations:
- set the target offset
- write the data to the target
However no actual data should be transferred to SPD page-0 in order
to select it. Actually, the second transation never receives an ACK
from the target device, which caused the following error report:
ERROR: Status 30 in write transaction
This patch sets the buffer length in page-0 select writes to zero,
leading to bypass the data transfer to the target device.
Issuing the target offset command to SPD page-0 address effectively
selects this page for the read operation.
Change-Id: I4bf8e8c09da115ee875f934bc8fbc9349b995017
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Reviewed-on: https://sj1git1.cavium.com/24387
Tested-by: sa_ip-sw-jenkins <sa_ip-sw-jenkins@marvell.com>
Reviewed-by: Ofer Heifetz <oferh@marvell.com>
Reviewed-by: Moti Buskila <motib@marvell.com>
Add initialization for TRNG-IP-76 driver and support SMC call
0xC200FF11 used for reading HW RNG value by secondary bootloader
software for KASLR support.
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Change-Id: I1d644f67457b28d347523f8a7bfc4eacc45cba68
Reviewed-on: https://sj1git1.cavium.com/c/IP/SW/boot/atf/+/32688
Reviewed-by: Stefan Chulski <stefanc@marvell.com>
Reviewed-by: Ofer Heifetz <oferh@marvell.com>
Update TZC base address to align with the recent changes in the platform
memory map.
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Change-Id: I0d0ad528a2e236607c744979e1ddc5c6d426687a
Currently, BLs are mapping the GIC memory region as read-write
for all cores on boot-up.
This opens up the security hole where the active core can write
the GICR frame of fused/inactive core. To avoid this issue, disable
the GICR frame of all inactive cores as below:
1. After primary CPU boots up, map GICR region of all cores as
read-only.
2. After primary CPU boots up, map its GICR region as read-write
and initialize its redistributor interface.
3. After secondary CPU boots up, map its GICR region as read-write
and initialize its redistributor interface.
4. All unused/fused core's redistributor regions remain read-only and
write attempt to such protected regions results in an exception.
As mentioned above, this patch offers only the GICR memory-mapped
region protection considering there is no facility at the GIC IP
level to avoid writing the redistributor area.
These changes are currently done in BL31 of Arm FVP and guarded under
the flag 'FVP_GICR_REGION_PROTECTION'.
As of now, this patch is tested manually as below:
1. Disable the FVP cores (core 1, 2, 3) with core 0 as an active core.
2. Verify data abort triggered by manually updating the ‘GICR_CTLR’
register of core 1’s(fused) redistributor from core 0(active).
Change-Id: I86c99c7b41bae137b2011cf2ac17fad0a26e776d
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
GIC memory region is not getting used in BL1 and BL2.
Hence avoid its mapping in BL1 and BL2 that freed some
page table entries to map other memory regions in the
future.
Retains mapping of CCN interconnect region in BL1 and BL2
overlapped with the GIC memory region.
Change-Id: I880dd0690f94b140e59e4ff0c0d436961b9cb0a7
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
So far the ARM platform Makefile would require that RESET_TO_BL31 is set
when we ask for the ARM_LINUX_KERNEL_AS_BL33 feature.
There is no real technical reason for that, and the one place in the
code where this was needed has been fixed.
Remove the requirement of those two options to be always enabled
together.
This enables the direct kernel boot feature for the Foundation FVP
(as described in the documentation), which requires a BL1/FIP
combination to boot, so cannot use RESET_TO_BL31.
Change-Id: I6814797b6431b6614d684bab3c5830bfd9481851
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
At the moment we have the somewhat artifical limitation of
ARM_LINUX_KERNEL_AS_BL33 only being used together with RESET_TO_BL31.
However there does not seem to be a good technical reason for that,
it was probably just to differentate between two different boot flows.
Move the initial register setup for ARM_LINUX_KERNEL_AS_BL33 out of the
RESET_TO_BL31 #ifdef, so that we initialise the registers in any case.
This allows to use a preloaded kernel image when using BL1 and FIP.
Change-Id: I832df272d3829f077661f4ee6d3dd9a276a0118f
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
The structure has been modified to specify the memory
size in bytes instead of Gigabytes.
Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com>
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>
Change-Id: I3384677d79af4f3cf55d3c353b6c20bb827b5ae7
This patch removes the Neoverse N1 CPU errata workaround for
bug 1542419 as the bug is not present in Rainier R0P0 core.
Change-Id: Icaca299b13ef830b2ee5129576aae655a6288e69
Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com>
Secure pl061 qemu driver allows to rize the GPIO pin
from the secure world to reboot and power down
virtual machine.
Do not define secure-gpio for sbsa-ref platform due to
reboot is done via sbsa-ec watchdog.
Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>
Change-Id: I508d7c5cf4c75cb169b34b00682a76f6761d3869
The NUM_APID value was derived from kernel device tree sources, but I
made a conversion mistake: the amount of bytes in the APID map is the
total size of the "core" register range (0x1100) minus the offset of the
APID map in that range (0x900). This is of course 0x1100 - 0x900 = 0x800
and not 0x200, so the amount of 4-byte integers it can fit is not 0x80
but 0x200. Fix this and make the math more explicit so it can be more
easily factored out and adjusted if that becomes necessary for a future
SoC.
Also fix a dangerous typo in REG_APID_MAP() where the macro would
reference a random variable `i` rather than its argument (`apid`), and
we just got lucky that the only caller in the current code happened to
pass in a variable called `i` as that argument.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I049dd044fa5aeb65be0e7b12150afd6eb4bac0fa
Increase the core count and add respective entries in DTS.
Add Klein assembly file to cpu sources for core initialization.
Add SCMI entries for cores.
Signed-off-by: Avinash Mehta <avinash.mehta@arm.com>
Change-Id: I14dc1d87df6dcc8d560ade833ce1f92507054747
When building TF-A with USE_ROMLIB=1 and -j make options, the build fails with the following error:
make[1]: *** No rule to make target '/build/juno/debug/romlib/romlib.bin', needed by 'bl1_romlib.bin'.
This patch fixes that issue.
Signed-off-by: Zelalem <zelalem.aweke@arm.com>
Change-Id: I0cca416f3f50f400759164e0735c2d6b520ebf84
* changes:
docs: marvell: Update info about WTMI_IMG option
plat: marvell: armada: a3k: Remove unused variable WTMI_SYSINIT_IMG from Makefile
plat: marvell: armada: Show informative build messages and blank lines
plat: marvell: armada: Move definition of mrvl_flash target to common marvell_common.mk file
plat: marvell: armada: a3k: Use $(Q) instead of @
plat: marvell: armada: a3k: Add a new target mrvl_uart which builds UART image
plat: marvell: armada: a3k: Build UART image files directly in $(BUILD_UART) subdirectory
plat: marvell: armada: a3k: Build intermediate files in $(BUILD_PLAT) directory
plat: marvell: armada: a3k: Correctly set DDR_TOPOLOGY and CLOCKSPRESET for WTMI
plat: marvell: armada: a3k: Allow use of the system Crypto++ library
docs: marvell: Update info about WTP and MV_DDR_PATH parameters
plat: marvell: armada: a3k: Add checks that WTP, MV_DDR_PATH and CRYPTOPP_PATH are correctly defined
docs: marvell: Update mv-ddr-marvell and A3700-utils-marvell branches
* changes:
allwinner: Leave CPU power alone during BL31 setup
allwinner: psci: Invert check in .validate_ns_entrypoint
allwinner: psci: Drop MPIDR check from .pwr_domain_on
allwinner: psci: Drop .get_node_hw_state callback
AMU counters are used for monitoring the CPU performance. RD-N2 platform
has architected AMU available for each core. Enable the use of AMU by
non-secure OS for supporting the use of counters for processor
performance control (ACPI CPPC).
Change-Id: I5cc749cf63c18fc5c7563dd754c2f42990a97e23
Signed-off-by: Pranav Madhu <pranav.madhu@arm.com>
AMU counters are used for monitoring the CPU performance. RD-V1 platform
has architected AMU available for each core. Enable the use of AMU by
non-secure OS for supporting the use of counters for processor
performance control (ACPI CPPC).
Change-Id: I4003d21407953f65b3ce99eaa8f496d6052546e0
Signed-off-by: Pranav Madhu <pranav.madhu@arm.com>
Some of the PSCI platform callbacks were restricted on RD-V1 platform
because the idle was not functional. Now that it is functional, remove
all the restrictions on the use PSCI platform callbacks.
Change-Id: I4cb97cb54de7ee166c30f28df8fea653b6b425c7
Signed-off-by: Pranav Madhu <pranav.madhu@arm.com>
It does not have to be supported by the current shell used in Makefile.
Replace it by a simple echo with implicit newline.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I97fe44986ac36d3079d5258c67f0c9184537e7f0
This change separates building of flash and UART images, so it is possible
to build only one of these images. Also this change allows make to build
them in parallel.
Target mrvl_flash now builds only flash image and mrvl_uart only UART
image. This change reflects it also in the documentation.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: Ie9ce4538d52188dd26d99dfeeb5ad171a5b818f3
This removes need to move files and also allows to build uart and flash
images in parallel.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I13bea547d7849615e1c1e11d333c8c99e568d3f6
Currently a3700_common.mk makefile builds intermediate files in TF-A top
level directory and also outside of the TF-A tree. This change fixes this
issue and builds all intermediate files in $(BUILD_PLAT) directory.
Part of this change is also removal of 'rm' and 'mv' commands as there is
no need to remove or move intermediate files from outside of the TF-A build
tree.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I72e3a3024bd3fdba1b991a220184d750029491e9
When building WTMI image we need to correctly set DDR_TOPOLOGY and
CLOCKSPRESET variables which WTMI build system expect. Otherwise it use
default values.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: Ib83002194c8a6c64a2014899ac049bd319e1652f
This change introduces two new A3720 parameters, CRYPTOPP_LIBDIR and
CRYPTOPP_INCDIR, which can be used to specify directory paths to
pre-compiled Crypto++ library and header files.
When both new parameters are specified then the source code of Crypto++ via
CRYPTOPP_PATH parameter is not needed. And therefore it allows TF-A build
process to use system Crypto++ library.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I6d440f86153373b11b8d098bb68eb7325e86b20b
These variables must contain a path to a valid directory (not a file) which
really exists. Also WTP and MV_DDR_PATH must point to either a valid Marvell
release tarball or git repository.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I1ad80c41092cf3ea6a625426df62b7d9d6f37815
Now that we have split the native and the SCPI version of the PSCI ops,
we can introduce build options to compile in either or both of them.
If one version is not compiled in, some stub functions make sure the
common code still compiles and makes the right decisions.
By default both version are enabled (as before), but one of them can be
disabled on the make command line, or via a platform specific Makefile.
Change-Id: I0c019d8700c0208365eacf57809fb8bc608eb9c0
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Samuel Holland <samuel@sholland.org>
In order to keep SCP firmware as optional, the original, limited native
PSCI implementation was kept around as a fallback. This turned out to be
a good decision, as some newer SoCs omit the ARISC, and thus cannot run
SCP firmware.
However, keeping the two implementations in one file makes things
unnecessarily messy. First, it is difficult to compile out the
SCPI-based implementation where it is not applicable. Second the check
is done in each callback, while scpi_available is only updated at boot.
This makes the individual callbacks unnecessarily complicated.
It is cleaner to provide two entirely separate implementations in two
separate files. The native implementation does not support any kind of
CPU suspend, so its callbacks are greatly simplified. One function,
sunxi_validate_ns_entrypoint, is shared between the two implementations.
Finally, the logic for choosing between implementations is kept in a
third file, to provide for platforms where only one implementation is
applicable and the other is compiled out.
Change-Id: I4914f07d8e693dbce218e0e2394bef15c42945f8
Signed-off-by: Samuel Holland <samuel@sholland.org>
- When the SCPI shutdown/reset command returns success, the SCP is
still waiting for the CPU to enter WFI. Do that.
- Peform board-level poweroff before CPU poweroff. If there is a PMIC
available, it will turn everything off including the CPUs, so doing
CPU poweroff first is a waste of cycles.
- During poweroff, attempt to turn off the local CPU using the ARISC.
This should use slightly less power than just an infinite WFI.
- Drop the WFI in the reset failure path. The panic will hang anyway.
Change-Id: I897efecb3fe4e77a56041b97dd273156ec51ef8e
Signed-off-by: Samuel Holland <samuel@sholland.org>
When operating on the local cpu, sunxi_cpu_power_off_self() only "arms"
the ARISC to perform the power-off process; the SCP waits for the CPU to
enter WFI before acutally powering it off. Since this matches the
expected split between .pwr_domain_off and .pwr_domain_pwr_down_wfi, we
can move the sunxi_cpu_power_off_self() call to sunxi_pwr_domain_off().
Since that change makes sunxi_pwr_down_wfi() equivalent to the default
implementation, the callback is no longer needed.
Change-Id: I7d65f66c550d1c69fa5e9945affd7a25b3d3ef42
Signed-off-by: Samuel Holland <samuel@sholland.org>