When TF-A is built with RESET_TO_BL31=1 option, BL31 is the
first image to be run and should have all the memory allocated
to it except for the memory reserved for Shared RAM at the start
of Trusted SRAM.
This patch fixes FVP BL31 load address and its image size for
RESET_TO_BL31=1 option. BL31 startup address should be set to
0x400_1000 and its maximum image size to the size of Trusted SRAM
minus the first 4KB of shared memory.
Loading BL31 at 0x0402_0000 as it is currently stated in
'\docs\plat\arm\fvp\index.rst' causes EL3 exception when the
image size gets increased (i.e. building with LOG_LEVEL=50)
but doesn't exceed 0x3B000 not causing build error.
Change-Id: Ie450baaf247f1577112f8d143b24e76c39d33e91
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Adding support for 32MHz UART clock and selecting it as the
default UART clock
Change-Id: I9541eaff70424e85a3b5ee4820ca0e7efb040d2c
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Running checkpatch.pl on the codebase and making required changes
Change-Id: I7d3f8764cef632ab2a6d3c355c68f590440b85b8
Signed-off-by: Avinash Mehta <avinash.mehta@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Note: This patch implements in-band messaging protocol only.
ARM has launched a next version of MHU i.e. MHUv2 with its latest
subsystems. The main change is that the MHUv2 is now a distributed IP
with different peripheral views (registers) for the sender and receiver.
Another main difference is that MHUv1 duplex channels are now split into
simplex/half duplex in MHUv2. MHUv2 has a configurable number of
communication channels. There is a capability register (MSG_NO_CAP) to
find out how many channels are available in a system.
The register offsets have also changed for STAT, SET & CLEAR registers
from 0x0, 0x8 & 0x10 in MHUv1 to 0x0, 0xC & 0x8 in MHUv2 respectively.
0x0 0x4 0x8 0xC 0x1F
------------------------....-----
| STAT | | | SET | | |
------------------------....-----
Transmit Channel
0x0 0x4 0x8 0xC 0x1F
------------------------....-----
| STAT | | CLR | | | |
------------------------....-----
Receive Channel
The MHU controller can request the receiver to wake-up and once the
request is removed, the receiver may go back to sleep, but the MHU
itself does not actively put a receiver to sleep.
So, in order to wake-up the receiver when the sender wants to send data,
the sender has to set ACCESS_REQUEST register first in order to wake-up
receiver, state of which can be detected using ACCESS_READY register.
ACCESS_REQUEST has an offset of 0xF88 & ACCESS_READY has an offset
of 0xF8C and are accessible only on any sender channel.
This patch adds necessary changes in a new file required to support the
latest MHUv2 controller. This patch also needs an update in DT binding
for ARM MHUv2 as we need a second register base (tx base) which would
be used as the send channel base.
Change-Id: I1455e08b3d88671a191c558790c503eabe07a8e6
Signed-off-by: Tushar Khandelwal <tushar.khandelwal@arm.com>
In extreme cases, the number of secure regions is one more than
non-secure regions. So array "s_base" and "s_top"s size
in struct param_ddr_usage need to be adjust to "DDR_REGION_NR_MAX + 1".
Signed-off-by: XiaoDong Huang <derrick.huang@rock-chips.com>
Change-Id: Ifc09da2c8f8afa1aebcc78f8fbc21ac95abdece2
Use space after #define consistently, drop useless parenthesis,
no functional change.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Change-Id: I72846d8672cab09b128e3118f4b7042a5a9c0df5
This patch changes the destination address of BL31 and BL32 From
fixed address for getting from the each certificates.
Signed-off-by: Toshiyuki Ogasahara <toshiyuki.ogasahara.bo@hitachi.com>
Signed-off-by: Yoshifumi Hosoya <yoshifumi.hosoya.wj@renesas.com>
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com> # upstream rework
Change-Id: Ide11776feff25e6fdd55ab28503a15b658b2e0d5
* changes:
uniphier: make I/O register region configurable
uniphier: make PSCI related base address configurable
uniphier: make counter control base address configurable
uniphier: make UART base address configurable
uniphier: make pinmon base address configurable
uniphier: make NAND controller base address configurable
uniphier: make eMMC controller base address configurable
The offset there is the virtual address space on the bus side (1-9GB for 8GB RAM),
and that emi_mpu_set_region_protection will translate to the physical memory space (0-8GB).
8GB is 33-bit (the memory bus width is 33-bit on this platform),
so 0x23FFFFFFFUL-EMI_PHY_OFFSET = 0x1_FFFF_FFFF.
Change-Id: I7be4759ed7546f7e15a5868b6f08988928c34075
Signed-off-by: Xi Chen <xixi.chen@mediatek.com>
Adding support for generating a semi-random number required for
enabling building TF-A with stack protector support.
TF-A for corstone-700 may now be built using ENABLE_STACK_PROTECTOR=all
Change-Id: I03e1be1a8d4e4a822cf286f3b9ad4da4337ca765
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
* changes:
uniphier: extend boot device detection for future SoCs
uniphier: change block_addressing flag to bool
uniphier: change the return value type of .is_usb_boot() to bool
If an SCP firmware is present and able to communicate via SCPI, then use
that to implement CPU and system power state transitions, including CPU
hotplug and system suspend. Otherwise, fall back to the existing CPU
power control implementation.
The last 16 KiB of SRAM A2 are reserved for the SCP firmware, and the
SCPI shared memory is at the very end of this region (and therefore the
end of SRAM A2). BL31 continues to start at the beginning of SRAM A2
(not counting the ARISC exception vector area) and fills up to the
beginning of the SCP firmware.
Because the SCP firmware is not loaded adjacent to the ARISC exception
vector area, the jump instructions used for exception handling cannot be
included in the SCP firmware image, and must be initialized here before
turning on the SCP.
Signed-off-by: Samuel Holland <samuel@sholland.org>
Change-Id: I37b9b9636f94d4125230423726f3ac5e9cdb551c
The function names follow the naming convention used by the existing
ARM SCPI client.
Signed-off-by: Samuel Holland <samuel@sholland.org>
Change-Id: I543bae7d46e206eb405dbedfcf7aeba88a12ca48
The SCP firmware is allocated the last 16KiB of SRAM A2. This includes
the SCPI shared memory area, which must be mapped as MT_DEVICE to
prevent problems with cache coherency between the AP CPUs and the SCP.
For simplicity, map the whole SCP region as MT_DEVICE.
Signed-off-by: Samuel Holland <samuel@sholland.org>
Change-Id: Ie39eb5ff281b8898a3c1d9748dc08755f528e2f8
The ARISC vector area consists of 0x4000 bytes before the beginning of
usable SRAM. Still, it is technically a part of SRAM A2, so include it
in the memory definition. This avoids the confusing practice of
subtracting from the beginning of the SRAM region when referencing the
ARISC vectors.
Signed-off-by: Samuel Holland <samuel@sholland.org>
Change-Id: Iae89e01aeab93560159562692e03e88306e2a1bf
Each memory region slot occupies 16bypte space, so
correct the the offset of config register address.
Change-Id: Ief8f21bb8ada78b5663768ee1e40f9e0eae57165
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
The on-chip SRAM region will be changed in the next SoC. Make it
configurable. Also, split the mmap code into a new helper function
so that it can be re-used for another boot mode.
Change-Id: I89f40432bf852a58ebc9be5d9dec4136b8dc010b
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
The I/O register region will be changed in the next SoC. Make it
configurable.
Change-Id: Iec0cbd1ef2d0703ebc7c3d3082edd73791bbfec9
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
The next SoC will have:
- No boot swap
- SD boot
- No USB boot
Add new fields to handle this.
Change-Id: I772395f2c5dfc612e575b0cbd0657a5fa9611c25
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
The register base address will be changed in the next SoC. Make it
configurable.
Change-Id: Ibe07bd9db128b0f7e629916cb6ae21ba7984eca9
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
The flag, uniphier_emmc_block_addressing, is boolean logic, so
"bool' is more suitable.
uniphier_emmc_is_over_2gb() is not boolean - it returns 1 / 0
depending on the card density, or a negative value on failure.
Rename it to make it less confusing.
Change-Id: Ia646b1929147b644e0df07c46b54ab80548bc3bd
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
The register base will be changed in the next SoC. Make it
configurable.
Change-Id: I4a7cf85fe50e4d71db58a3372a71774e43193bd3
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
This is boolean logic, so "bool" is more suitable.
Change-Id: I439c5099770600a65b8f58390a4c621c2ee487a5
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
The next SoC supports the same UART, but the register base will be
changed. Make it configurable.
Change-Id: Ida5c9151b2f3554afd15555b22838437eef443f7
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
The register base will be changed in the next SoC. Make it
configurable.
Change-Id: I9fbb6bdd1cf06207618742d4ad7970d911c9bc26
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
The next SoC does not support the NAND controller, but make the base
address configurable for consistency and future proof.
Change-Id: I776e43ff2b0408577919b0b72849c3e1e5ce0758
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
The next SoC supports the same eMMC controller, but the register
base will be changed. Make it configurable.
Change-Id: I00cb5531bc3d8d49357ad5e922cdd3d785355edf
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Forced hash generation used to always generate hash via RSA encryption.
This patch changes encryption based on ARM_ROTPK_LOCATION.
Also removes setting KEY_ALG based on ARM_ROTPL_LOCATION - there is no
relation between these two.
Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
Change-Id: Id727d2ed06176a243719fd0adfa0cae26c325005
* changes:
SPMD: enable SPM dispatcher support
SPMD: hook SPMD into standard services framework
SPMD: add SPM dispatcher based upon SPCI Beta 0 spec
SPMD: add support to run BL32 in TDRAM and BL31 in secure DRAM on Arm FVP
SPMD: add support for an example SPM core manifest
SPMD: add SPCI Beta 0 specification header file
This patch adds support to the build system to include support for the SPM
dispatcher when the SPD configuration option is spmd.
Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Change-Id: Ic1ae50ecd7403fcbcf1d318abdbd6ebdc642f732
This patch reserves and maps the Trusted DRAM for SPM core execution.
It also configures the TrustZone address space controller to run BL31
in secure DRAM.
Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Change-Id: I7e1bb3bbc61a0fec6a9cb595964ff553620c21dc
This patch repurposes the TOS FW configuration file as the manifest for
the SPM core component which will reside at the secure EL adjacent to
EL3. The SPM dispatcher component will use the manifest to determine how
the core component must be initialised. Routines and data structure to
parse the manifest have also been added.
Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Change-Id: Id94f8ece43b4e05609f0a1d364708a912f6203cb
* changes:
plat/arm: add board support for rd-daniel platform
plat/arm/sgi: move GIC related constants to board files
platform/arm/sgi: add multi-chip mode parameter in HW_CONFIG dts
board/rdn1edge: add support for dual-chip configuration
drivers/arm/scmi: allow use of multiple SCMI channels
drivers/mhu: derive doorbell base address
plat/arm/sgi: include AFF3 affinity in core position calculation
plat/arm/sgi: add macros for remote chip device region
plat/arm/sgi: add chip_id and multi_chip_mode to platform variant info
plat/arm/sgi: move bl31_platform_setup to board file
RD-E1-Edge platform consists of two clusters with eight CPUs each and
two processing elements (PE) per CPU. Commit a9fbf13e04 (plat/arm/sgi:
move topology information to board folder) defined the RD-E1-Edge
topology tree to have two clusters with eight CPUs each but PE per CPU
entries were not added. This patch fixes the topology tree accordingly.
Change-Id: I7f97f0013be60e5d51c214fce3962e246bae8a0b
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
In preparation for adding support for Reference Design platforms
which have different base addresses for GIC Distributor or
Redistributor, move GIC related base addresses to individual platform
definition files.
Change-Id: Iecf52b4392a30b86905e1cd047c0ff87d59d0191
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Introduce macro 'CSS_SGI_CHIP_COUNT' to allow Arm CSS platforms with
multi-chip support to define number of chiplets on the platform. By
default, this flag is set to 1 and does not affect the existing single
chip platforms.
For multi-chip platforms, override the default value of
CSS_SGI_CHIP_COUNT with the number of chiplets supported on the
platform. As an example, the command below sets the number of chiplets
to two on the RD-N1-Edge multi-chip platform:
export CROSS_COMPILE=<path-to-cross-compiler>
make PLAT=rdn1edge CSS_SGI_CHIP_COUNT=2 ARCH=aarch64 all
Change-Id: If364dc36bd34b30cc356f74b3e97633933e6c8ee
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Include multi-chip-mode parameter in HW_CONFIG dts to let next stage of
boot firmware know about the multi-chip operation mode.
Change-Id: Ic7535c2280fd57180ad14aa0ae277cf0c4d1337b
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
RD-N1-Edge based platforms can operate in dual-chip configuration
wherein two rdn1edge SoCs are connected through a high speed coherent
CCIX link.
This patch adds a function to check if the RD-N1-Edge platform is
operating in multi-chip mode by reading the SID register's NODE_ID
value. If operating in multi-chip mode, initialize GIC-600 multi-chip
operation by overriding the default GICR frames with array of GICR
frames and setting the chip 0 as routing table owner.
The address space of the second RD-N1-Edge chip (chip 1) starts from the
address 4TB. So increase the physical and virtual address space size to
43 bits to accommodate the multi-chip configuration. If the multi-chip
mode configuration is detected, dynamically add mmap entry for the
peripherals memory region of the second RD-N1-Edge SoC. This is required
to let the BL31 platform setup stage to configure the devices in the
second chip.
PLATFORM_CORE_COUNT macro is set to be multiple of CSS_SGI_CHIP_COUNT
and topology changes are added to represent the dual-chip configuration.
In order the build the dual-chip platform, CSS_SGI_CHIP_COUNT macro
should be set to 2:
export CROSS_COMPILE=<path-to-cross-compiler>
make PLAT=rdn1edge CSS_SGI_CHIP_COUNT=2 ARCH=aarch64 all
Change-Id: I576cdaf71f0b0e41b9a9181fa4feb7091f8c7bb4
Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
On systems that have multiple platform components that can interpret the
SCMI messages, there is a need to support multiple SCMI channels (one
each to those platform components). Extend the existing SCMI interface
that currently supports only a single SCMI channel to support multiple
SCMI channels.
Change-Id: Ice4062475b903aef3b5e5bc37df364c9778a62c5
Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
In order to allow the MHUv2 driver to be usable with multiple MHUv2
controllers, use the base address of the controller from the platform
information instead of the MHUV2_BASE_ADDR macro.
Change-Id: I4dbab87b929fb0568935e6c8b339ce67937f8cd1
Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
AFF3 bits of MPIDR corresponds to Chip-Id in Arm multi-chip platforms.
For calculating linear core position of CPU cores from slave chips, AFF3
bits has to be used. Update `plat_arm_calc_core_pos` assembly function
to include AFF3 bits in calculation.
Change-Id: I4af2bd82ab8e31e18bc61de22705a73893954260
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Some of the Reference Design platforms like RD-N1-Edge can operate in
multi-chip configuration wherein two or more SoCs are connected through
a high speed coherent CCIX link. For the RD platforms, the remote chip
address space is at the offset of 4TB per chip. In order for the primary
chip to access the device memory region on the remote chip, the required
memory region entries need to be added as mmap entry. This patch adds
macros related to the remote chip device memory region.
Change-Id: I833810b96f1a0e7c3c289ac32597b6ba03344c80
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Multi-chip platforms have two or more identical chips connected using a
high speed coherent link. In order to identify such platforms,
add chip_id and multi_chip_mode information in the platform variant
info structure. The values of these two new elements is populated
during boot.
Change-Id: Ie6e89cb33b3f0f408814f6239cd06647053e23ed
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
For SGI-575 and RD platforms, move bl31_platform_setup handler to
individual board files to allow the platforms to perform board specific
bl31 setup.
Change-Id: Ia44bccc0a7f40a155b33909bcb438a0909b20d42
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Currently, an IO setup failure will be ignored on arm platform release
build. Change this to panic instead.
Change-Id: I027a045bce2422b0a0fc4ff9e9d4c6e7bf5d2f98
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Change the return type of "arm_io_is_toc_valid()" and
"plat_arm_bl1_fwu_needed()" to bool, to match function behavior.
Change-Id: I503fba211219a241cb263149ef36ca14e3362a1c
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Use the firmware configuration framework to store the io_policies
information inside the configuration device tree instead of the static
structure in the code base.
The io_policies required by BL1 can't be inside the dtb, as this one is
loaded by BL1, and only available at BL2.
This change currently only applies to FVP platform.
Change-Id: Ic9c1ac3931a4a136aa36f7f58f66d3764c1bfca1
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Use the firmware configuration framework in arm dynamic configuration
to retrieve mbedtls heap information between bl1 and bl2.
For this, a new fconf getter is added to expose the device tree base
address and size.
Change-Id: Ifa5ac9366ae100e2cdd1f4c8e85fc591b170f4b6
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Use fconf to retrieve the `disable_authentication` property.
Move this access from arm dynamic configuration to bl common.
Change-Id: Ibf184a5c6245d04839222f5457cf5e651f252b86
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
This patch introduces a better separation between the trusted-boot
related properties, and the dynamic configuration DTBs loading
information.
The dynamic configuration DTBs properties are moved to a new node:
`dtb-registry`. All the sub-nodes present will be provided to the
dynamic config framework to be loaded. The node currently only contains
the already defined configuration DTBs, but can be extended for future
features if necessary.
The dynamic config framework is modified to use the abstraction provided
by the fconf framework, instead of directly accessing the DTBs.
The trusted-boot properties are kept under the "arm,tb_fw" compatible
string, but in a separate `tb_fw-config` node.
The `tb_fw-config` property of the `dtb-registry` node simply points
to the load address of `fw_config`, as the `tb_fw-config` is currently
part of the same DTB.
Change-Id: Iceb6c4c2cb92b692b6e28dbdc9fb060f1c46de82
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Use the dtb provided by bl1 as configuration file for fconf.
Change-Id: I3f466ad9b7047e1a361d94e71ac6d693e31496d9
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Move the loading of the dtb from arm_dym_cfg to fconf. The new loading
function is not associated to arm platform anymore, and can be moved
to bl_main if wanted.
Change-Id: I847d07eaba36d31d9d3ed9eba8e58666ea1ba563
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Introduce the Firmware CONfiguration Framework (fconf).
The fconf is an abstraction layer for platform specific data, allowing
a "property" to be queried and a value retrieved without the requesting
entity knowing what backing store is being used to hold the data.
The default backing store used is C structure. If another backing store
has to be used, the platform integrator needs to provide a "populate()"
function to fill the corresponding C structure.
The "populate()" function must be registered to the fconf framework with
the "FCONF_REGISTER_POPULATOR()". This ensures that the function would
be called inside the "fconf_populate()" function.
A two level macro is used as getter:
- the first macro takes 3 parameters and converts it to a function
call: FCONF_GET_PROPERTY(a,b,c) -> a__b_getter(c).
- the second level defines a__b_getter(c) to the matching C structure,
variable, array, function, etc..
Ex: Get a Chain of trust property:
1) FCONF_GET_PROPERY(tbbr, cot, BL2_id) -> tbbr__cot_getter(BL2_id)
2) tbbr__cot_getter(BL2_id) -> cot_desc_ptr[BL2_id]
Change-Id: Id394001353ed295bc680c3f543af0cf8da549469
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Commit 8f73663b59 ("plat/arm: Support for Cortex A5 in FVP Versatile
Express platform") has conditioned the enabling of the Advanced SIMD
and floating point features to platforms that have:
(ARM_ARCH_MAJOR > 7) || defined(ARMV7_SUPPORTS_VFP)
QEMU does support VFP so it should set ARMV7_SUPPORTS_VFP.
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Change-Id: I3bab7c2ed04766d0628c14094557b2751f60a428
This patch modify current address range checker in SiP driver to also
accept input size.
Also, include said checker for SiP mailbox send command to ensure
referenced argument is within expected address.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: Ie0c3cac4c3d1a6ea0194602d9aa3541f5d9a3367
Enables usage of ARM_ROTPK_LOCATION=regs for FVP board.
Removes hard-coded developer keys. Instead, setting
ARM_ROTPK_LOCATION=devel_* takes keys from default directory.
In case of ROT_KEY specified - generates a new hash and replaces the
original.
Note: Juno board was tested by original feature author and was not tested
for this patch since we don't have access to the private key. Juno
implementation was moved to board-specific file without changing
functionality. It is not known whether byte-swapping is still needed
for this platform.
Change-Id: I0fdbaca0415cdcd78f3a388551c2e478c01ed986
Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
Stack usage reaches 90% with some configuration. Bump slightly the stack
size to prevent a stack-overflow.
Change-Id: I44ce8b12906586a42f152b7677785fcdc5e78ae1
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
BL2 is unconditionally setting 0 (OPTEE_AARCH64) in arg0 even when the
BL32 image is 32bit (OPTEE_AARCH32). This is causing the boot to hang
when ATOS (32bit Amlogic BL32 binary-only TEE OS) is used.
Since we are not aware of any Amlogic platform shipping a 64bit version
of ATOS we can hardcode OPTEE_AARCH32 / MODE_RW_32 when using ATOS.
Signed-off-by: Carlo Caione <ccaione@baylibre.com>
Change-Id: Iaea47cf6dc48bf8a646056761f02fb81b41c78a3
Introduce the preliminary support for the Amlogic A113D (AXG) SoC.
This port is a minimal implementation of BL31 capable of booting
mainline U-Boot, Linux and chainloading BL32 (ATOS).
Tested on a A113D board.
Signed-off-by: Carlo Caione <ccaione@baylibre.com>
Change-Id: Ic4548fa2f7c48d61b485b2a6517ec36c53c20809
Fix code that violates the MISRA rule:
MISRA C-2012 Rule 11.9: Literal "0" shall not be used as
null pointer constant.
The fix explicitly checks whether a pointer is NULL.
Change-Id: Ibc318dc0f464982be9a34783f24ccd1d44800551
Signed-off-by: Zelalem <zelalem.aweke@arm.com>
This patch adds the nvg_roc_clean_cache_trbits() function prototype
to mce_private.h to fix compilation failures seen with the Tegra194
builds.
Change-Id: I313556f6799792fc0141afb5822cc157db80bc47
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
This update allows normal world to send mailbox commands through SMC
Signed-off-by: Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: I587bea06422da90e5907d586495cd9e3bde900f6
Introduce support for RSU that can be initiated through SMC calls.
Added features as below:
- RSU status
- RSU update
- RSU HPS notify
- RSU get sub-partition
Signed-off-by: Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: I78d5a07688e43da99f03d77dfd45ffb4a78f2e4c
This patch adds 'fdtw_read_bytes' and 'fdtw_write_inplace_bytes'
functions for read/write array of bytes from/to a given property.
It also adds 'fdt_setprop_inplace_namelen_partial' to jmptbl.i
files for builds with USE_ROMLIB=1 option.
Change-Id: Ied7b5c8b38a0e21d508aa7bcf5893e656028b14d
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Platform handoff structure no longer includes boot source selection.
Hence, those settings can now be configured through socfpga_plat_def.h.
Signed-off-by: Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: If7ec6a03bb25156a6670ebf8f77105c370b553f6
Tegra186 is in production so lock stream id security configs
for all the clients.
Change-Id: I64bdd5a9f12319a543291bfdbbfc1559d7a44113
Signed-off-by: Pritesh Raithatha <praithatha@nvidia.com>
This patch removes support for simulated system suspend for Tegra194
platforms as we have actual silicon platforms that support this
feature now.
Change-Id: I9ed1b002886fed7bbc3d890a82d6cad67e900bae
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
This patch fixes violations of the following MISRA rules
* Rule 8.5 "An external object or function shall be declared once in
one and only one file"
* Rule 10.3 "The value of an expression shall not be assigned to an
object with a narrower essential type or of a different
esential type category"
Change-Id: I4314cd4fea0a4adc6665868dd31e619b4f367e14
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
This patch fixes violations for the following MISRA rules
* Rule 5.7 "A tag name shall be a unique identifier"
* Rule 10.1 "Operands shall not be of an inappropriate essential type"
* Rule 10.3 "The value of an expression shall not be assigned to an object
with a narrower essential type or of a different essential type
category"
* Rule 10.4 "Both operands of an operator in which the usual arithmetic
conversions are performed shall have the same essential type
category"
* Rule 20.7 "Expressions resulting from the expansion of macro parameters
shall be enclosed in parentheses"
* Rule 21.1 "#define and #undef shall not be used on a reserved identifier
or reserved macro name"
Change-Id: I83cbe659c2d72e76dd4759959870b57c58adafdf
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
This patch fixes violations for the following MISRA rules
* Rule 8.4 "A compatible declaration shall be visible when an object or
function with external linkage is defined"
* Rule 10.1 "Operands shall not be of an inappropriate essential type"
* Rule 10.6 "Both operands of an operator in which the usual arithmetic
conversions are perdormed shall have the same essential type
category"
* Rule 17.7 "The value returned by a function having non-void return
type shall be used"
Change-Id: I171ac8340de729fd7be928fa0c0694e9bb8569f0
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
The PMC driver is used only by Tegra210 and Tegra132 platforms. This
patch removes pmc.c from the common makefile and moves it to the
platform specific makefiles.
As a result, the PMC code from common code has been moved to Tegra132
and Tegra210 platform ports.
Change-Id: Ia157f70e776b3eff3c12eb8f0f02d30102670a98
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
This patch removes the per-platform, weakly defined TZDRAM setup handler,
as all affected platforms implement the actual handler.
Change-Id: I95d04b2a771bc5d673e56b097d45c493fa388ee8
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
This patch removes the weakly defined per-platform SiP handler
as all platforms implement this handler, defeating the need for
a weak definition.
Change-Id: Id4c7e69163d2635de1813f5a385ac874253a8da9
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
This patch removes all the weakly defined PSCI handlers defined
per-platform, to improve code coverage numbers and reduce MISRA
defects.
Change-Id: I0f9c0caa0a6071d0360d07454b19dcc7340da8c2
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
This patch converts the weakly defined platform setup handlers into
actual platform specific handlers to improve code coverage numbers
and some MISRA defects.
The weakly defined handlers never get executed thus resulting in
lower coverage - function, function calls, statements, branches
and pairs.
Change-Id: I02f450f66b5754a90d934df4d76eb91459fca5f9
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Tegra194 supports upto 64GB of DRAM, whereas the previous SoCs support
upto 32GB DRAM. This patch moves the common DRAM base/end macros to
individual Tegra SoC headers to fix this anomaly.
Change-Id: I1a9f386b67c2311baab289e726d95cef6954071b
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Extend possible images to 8, additionaly add another type which will be
used with platform containing up to 3 CPs.
Change-Id: Ib68092d11af9801e344d02de839f53127e056e46
Signed-off-by: Grzegorz Jaszczyk <jaz@semihalf.com>
In order to access MG SRAM, the amb bridge needs to be configured which is
done in bl2 platform init.
For MG CM3, the image is only loaded to its SRAM and the CM3 itself is
left in reset. It is because the next stage bootloader (e.g. u-boot)
will trigger action which will take it out of reset when needed. This
can happen e.g. when appropriate device-tree setup (which has enabled
802.3 auto-neg) will be chosen. In other cases the MG CM3 should not be
running.
Change-Id: I816ea14e3a7174eace068ec44e3cc09998d0337e
Signed-off-by: Grzegorz Jaszczyk <jaz@semihalf.com>
pm_get_callbackdata() expect result count and not total bytes of
result. Correct it by passing result count to pm_get_callbackdata().
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I01ce0002f7a753e81ea9fe65edde8420a13ed51a
To find result count use ARRAY_SIZE for better readability.
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I97201de4d43024e59fa78bd61937c86d47724ab5
Allows to select the chain of trust to use when the Trusted Boot feature
is enabled. This affects both the cert_create tool and the firmware
itself.
Right now, the only available CoT is TBBR.
Change-Id: I7ab54e66508a1416cb3fcd3dfb0f055696763b3d
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
This patch enables uboot's spl entrypoint to BL31 and also handles
secondary cpus state during cold boot.
Signed-off-by: Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: Ib70ec91a3ad09a568cb66e7c1e23a2b3e460746c
This flag warns if anything is declared more than once in the same
scope, even in cases where multiple declaration is valid and changes
nothing.
Consequently, this patch also fixes the issues reported by this
flag. Consider the following two lines of code from two different source
files(bl_common.h and bl31_plat_setup.c):
IMPORT_SYM(uintptr_t, __RO_START__, BL_CODE_BASE);
IMPORT_SYM(unsigned long, __RO_START__, BL2_RO_BASE);
The IMPORT_SYM macro which actually imports a linker symbol as a C expression.
The macro defines the __RO_START__ as an extern variable twice, one for each
instance. __RO_START__ symbol is defined by the linker script to mark the start
of the Read-Only area of the memory map.
Essentially, the platform code redefines the linker symbol with a different
(relevant) name rather than using the standard symbol. A simple solution to
fix this issue in the platform code for redundant declarations warning is
to remove the second IMPORT_SYM and replace it with following assignment
static const unsigned long BL2_RO_BASE = BL_CODE_BASE;
Change-Id: If4835d1ee462d52b75e5afd2a59b64828707c5aa
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
The Secure Configuration Register is 64-bits in AArch64 and 32-bits in
AArch32. Use u_register_t instead of unsigned int to reflect this.
Change-Id: I51b69467baba36bf0cfaec2595dc8837b1566934
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
* changes:
ti: k3: drivers: ti_sci: Put sequence number in coherent memory
ti: k3: drivers: ti_sci: Remove indirect structure of const data
ti: k3: common: Enable ARM cluster power down
ti: k3: common: Rename device IDs to be more consistent
This patch enables the config to switch to the console provided
by the SPE firmware.
Change-Id: I5a3bed09ee1e84f958d0925501d1a79fb7f694de
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
In order to support SEPARATE_NOBITS_REGION for Arm platforms, we need to load
BL31 PROGBITS into secure DRAM space and BL31 NOBITS into SRAM. Hence mandate
the build to require that ARM_BL31_IN_DRAM is enabled as well.
Naturally with SEPARATE_NOBITS_REGION enabled, the BL31 initialization code
cannot be reclaimed to be used for runtime data such as secondary cpu stacks.
Memory map for BL31 NOBITS region also has to be created.
Change-Id: Ibbc8c9499a32e63fd0957a6e254608fbf6fa90c9
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
The current message sequence number is accessed both with caches on and
off so put this memory in the un-cached coherent section so accesses
are consistent and coherency is maintained.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Change-Id: Ieeefefeaffc691e4e4c4de7c74490d50ff9de807
The 'info' structure contained what is only static data for this
implementation of TI-SCI. Remove this indirection and remove the
struct.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Change-Id: I2328fddf388bf7d56a56bd673c080e78c86fe072
When all cores in a cluster are powered down the parent cluster can
be also powered down. When the last core has requested powering down
follow by sending the cluster power down sequence to the system
power controller firmware.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Change-Id: I0ffeb339852c66ef62743aecd3e17ca20bad6216
The core number is called 'core_id' but the processor and device IDs are
called 'proc' and 'device'. Rename these to make them less confusing.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Change-Id: I3d7c6dddd7aa37b5dee1aa9689ce31730e9c3b59
* changes:
uniphier: make all BL images completely position-independent
uniphier: make uniphier_mmap_setup() work with PIE
uniphier: pass SCP base address as a function parameter
uniphier: set buffer offset and length for io_block dynamically
uniphier: use more mmap_add_dynamic_region() for loading images
bl_common: add BL_END macro
uniphier: turn on ENABLE_PIE
TSP: add PIE support
BL2_AT_EL3: add PIE support
BL31: discard .dynsym .dynstr .hash sections to make ENABLE_PIE work
PIE: pass PIE options only to BL31
Build: support per-BL LDFLAGS
The platform topology description of the upcoming Arm's RD platforms
have different topology than those listed in the sgi_topology.c file. So
instead of adding platform specific topology into existing
sgi_topology.c file, those can be added to respective board files. In
order to maintain consistency with the upcoming platforms, move the
existing platform topology description to respective board files.
Change-Id: I4689c7d24cd0c75a3dc234370c34a85c08598abb
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
As on SGI platforms, SCPI is unsupported on SGM platforms.
Change-Id: I556ed095b9eb55b72447230ee2725d3c76160a08
Signed-off-by: Chris Kay <chris.kay@arm.com>
This platform supports multiple SoCs. The next SoC will still keep
quite similar architecture, but the memory base will be changed.
The ENABLE_PIE improves the maintainability and usability. You can reuse
a single set of BL images for other SoC/board without re-compiling TF-A
at all. This will also keep the code cleaner because it avoids #ifdef
around various base addresses.
By defining ENABLE_PIE, BL2_AT_EL3, BL31, and BL32 (TSP) are really
position-independent now. You can load them anywhere irrespective of
their link address.
Change-Id: I8d5e3124ee30012f5b3bfa278b0baff8efd2fff7
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
BL2_BASE, BL31_BASE, and BL32_BASE are defined in platform_def.h,
that is, determined at link-time.
On the other hand, BL2_END, BL31_END, and BL32_END are derived from
the symbols produced by the linker scripts. So, they are fixed-up
at run-time if ENABLE_PIE is enabled.
To make it work in a position-indepenent manner, use BL_CODE_BASE and
BL_END, both of which are relocatable.
Change-Id: Ic179a7c60eb64c5f3024b178690b3ac7cbd7521b
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Currently, UNIPHIER_SCP_BASE is hard-coded in uniphier_scp_start(),
which is not handy for PIE.
Towards the goal of making this really position-independent, pass in
image_info->image_base.
Change-Id: I88e020a1919c607b1d5ce70b116201d95773bb63
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Currently, the .buffer field in io_block_dev_spec is statically set,
which is not handy for PIE.
Towards the goal of making this really position-independent, set the
buffer length and length in the uniphier_io_block_setup() function.
Change-Id: I22b20d7b58d6ffd38f64f967a2820fca4bd7dade
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Currently, uniphier_bl2_mmap hard-codes the memory region needed for
loading other images.
Towards the goal of making this really position-independent, call
mmap_add_dynamic_region() before that region gets accessed.
Change-Id: Ieb505b91ccf2483e5f1a280accda564b33f19f11
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Now that various issues in the PIE support have been fixed,
this platform can enable ENABLE_PIE.
I tested BL2_AT_EL3, BL31, TSP, and all of them worked.
Change-Id: Ibc499c6bad30b7f81a42bfa7e435ce25f820bd9c
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
* changes:
Tegra194: mce: remove unused NVG functions
Tegra194: support for NVG interface v6.6
Tegra194: smmu: add PCIE0R1 mc reg to system suspend save list
Tegra194: enable driver for general purpose DMA engine
Tegra194: access XUSB_PADCTL registers on Si/FPGA platforms
Tegra194: organize the memory/mmio map to make it linear
Tegra194: memctrl: enable mc sid OVERRIDE for PCIE0R1
Tegra194: support for boot params wider than 32-bits
Tegra194: memctrl: set reorder depth limit for PCIE blocks
Tegra194: memctrl: program MC_TXN_OVERRIDE reg for PTCR, MPCORE and MIU
Tegra194: memctrl: set CGID_TAG_ADR instead of CGID_TAG_DEFAULT
Tegra194: memctrl: update mss reprogramming as HW PROD settings
Tegra194: memctrl: Disable PVARDC coalescer
Tegra194: memctrl: force seswr/rd transactions as passsthru & coherent
Tegra194: Request CG7 from last core in cluster
Tegra194: toggle SE clock during context save/restore
Tegra: bpmp: fix header file paths
* changes:
intel: Add function to check fpga readiness
intel: Add bridge control for FPGA reconfig
intel: FPGA config_isdone() status query
intel: System Manager refactoring
intel: Refactor reset manager driver
intel: Enable bridge access in Intel platform
intel: Modify non secure access function
PCIE0R1 security and override registers need to be preserved across
system suspend. Adding them to system suspend save register list.
Due to addition of above registers, increasing context save memory
by 2 bytes.
Change-Id: I1b3a56aee31f3c11e3edc2fb0a6da146eec1a30d
Signed-off-by: Pritesh Raithatha <praithatha@nvidia.com>
This patch enables the GPCDMA for all Tegra194 platforms to help
accelerate all the memory copy operations.
Change-Id: I8cbec99be6ebe4da74221245668b321ba9693479
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Many simulation/emulation platforms do not support this hardware block
leading to SErrors during register accesses.
This patch conditionally accesses the registers from this block only
on actual Si and FPGA platforms.
Change-Id: Ic22817a8c9f81978ba88c5362bfd734a0040d35d
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
This patch organizes the platform memory/mmio map, so that the base
addresses for the apertures line up in ascending order. This makes
it easier for the xlat_tables_v2 library to create mappings for each
mmap_add_region call.
Change-Id: Ie1938ba043820625c9fea904009a3d2ccd29f7b3
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
PCIE0R1 does not program stream IDs, so allow the stream ID to be
overriden by the MC.
Change-Id: I4dbd71e1ce24b11e646de421ef68c762818c2667
Signed-off-by: Pritesh Raithatha <praithatha@nvidia.com>
The previous bootloader is not able to pass boot params wider than
32-bits due to an oversight in the scratch register being used. A
new secure scratch register #75 has been assigned to pass the higher
bits.
This patch adds support to parse the higher bits from scratch #75
and use them in calculating the base address for the location of
the boot params.
Scratch #75 format
====================
31:16 - bl31_plat_params high address
15:0 - bl31_params high address
Change-Id: Id53c45f70a9cb370c776ed7c82ad3f2258576a80
Signed-off-by: Steven Kao <skao@nvidia.com>
HW bug in third party PCIE IP - PCIE datapath hangs when there are
more than 28 outstanding requests on data backbone for x1 controller.
Suggested SW WAR is to limit reorder_depth_limit to 16 for
PCIE 1W/2AW/3W clients.
Change-Id: Id5448251c35d2a93f66a8b5835ae4044f5cef067
Signed-off-by: Puneet Saxena <puneets@nvidia.com>
-PTCR is ISO client so setting it to FORCE_NON_COHERENT.
-MPCORER, MPCOREW and MIU0R/W to MIU7R/W clients itself will provide
ordering so no need to override from mc.
-MIU0R/W to MIU7R/W clients registers are not implemented in tegrasim
so skipping it for simulation.
-All the clients need to set CGID_TAG_ADR to maintain request ordering
within a 4K boundary.
Change-Id: Iaa3189a1f3e40fb4cef28be36bc4baeb5ac8f9ca
Signed-off-by: Pritesh Raithatha <praithatha@nvidia.com>
- All SoC clients should use CGID_TAG_ADR to improve perf
- Remove tegra194_txn_override_cfgs array that is not getting used.
Change-Id: I9130ef5ae8659ed5f9d843ab9a0ecf58b5ce9c74
Signed-off-by: Pritesh Raithatha <praithatha@nvidia.com>
Memory clients are divided in to ISO/NonISO/Order/Unordered/Low
BW/High BW. Based on the client types, HW team recommends, different
memory ordering settings, IO coherency settings and SMMU register settings
for optimized performance of the MC clients.
For example ordered ISO clients should be set as strongly ordered and
should bypass SCF and directly access MC hence set as
FORCE_NON_COHERENT. Like this there are multiple recommendations
for all of the MC clients.
This change sets all these MC registers as per HW spec file.
Change-Id: I8a8a0887cd86bf6fe8ac7835df6c888855738cd9
Signed-off-by: Puneet Saxena <puneets@nvidia.com>
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Due to a hardware bug PVA may perform memory transactions which
cause coalescer faults. This change works around the issue by
disabling coalescer for PVA0RDC and PVA1RDC.
Change-Id: I27d1f6e7bc819fb303dae98079d9277fa346a1d3
Signed-off-by: Arto Merilainen <amerilainen@nvidia.com>
Force memory transactions from seswr and sesrd as coherent_snoop from
no-override. This is necessary as niso clients should use coherent
path.
Presently its set as FORCE_COHERENT_SNOOP. Once SE+TZ is enabled
with SMMU, this needs to be replaced by FORCE_COHERENT.
Change-Id: I8b50722de743b9028129b4715769ef93deab73b5
Signed-off-by: Puneet Saxena <puneets@nvidia.com>
- SC7 requires all the cluster groups to be in CG7 state, else
is_sc7_allowed will get denied
- As a WAR while requesting CC6, request CG7 as well
- CG7 request will not be honored if it is not last core in Cluster
group
- This is just to satisfy MCE for now as CG7 is going to be defeatured
Change-Id: Ibf2f8a365a2e46bd427abd563da772b6b618350f
Signed-off-by: Vignesh Radhakrishnan <vigneshr@nvidia.com>
This patch adds support to toggle SE clock, using the bpmp_ipc
interface, to enable SE context save/restore. The SE sequence mostly
gets called during System Suspend/Resume.
Change-Id: I9cee12a9e14861d5e3c8c4f18b4d7f898b6ebfa7
Signed-off-by: steven kao <skao@nvidia.com>
This patch fixes the header file paths to include debug.h
from the right location.
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Change-Id: If303792d2169158f436ae6aa5b6d7a4f88e28f7b
This makes the PSCI SYSTEM_OFF call work on QEMU. It assumes that QEMU has
semihosting enabled, but that is already assumed by the image loader.
Signed-off-by: Andrew Walbran <qwandor@google.com>
Change-Id: I0fb7cf7909262b675c3143efeac07f4d60730b03
This lets the Linux kernel or any other image which expects an FDT in x0 be
loaded directly as BL33 without a separate bootloader on QEMU.
Signed-off-by: Andrew Walbran <qwandor@google.com>
Change-Id: Ia8eb4710a3d97cdd877af3b8aae36a2de7cfc654
Parse the parameter structure the PLM populates, to populate the
bl32 and bl33 image structures.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: I317072d1086f6cc6f90883c1b8b6d086ff57b443
ATF handover can be used by Xilinx platforms, so move it to common
file from platform specific files.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: I5f0839351f534619de581d1953c8427a079487e0
Even though ERET always causes a jump to another address, aarch64 CPUs
speculatively execute following instructions as if the ERET
instruction was not a jump instruction.
The speculative execution does not cross privilege-levels (to the jump
target as one would expect), but it continues on the kernel privilege
level as if the ERET instruction did not change the control flow -
thus execution anything that is accidentally linked after the ERET
instruction. Later, the results of this speculative execution are
always architecturally discarded, however they can leak data using
microarchitectural side channels. This speculative execution is very
reliable (seems to be unconditional) and it manages to complete even
relatively performance-heavy operations (e.g. multiple dependent
fetches from uncached memory).
This was fixed in Linux, FreeBSD, OpenBSD and Optee OS:
679db7080129fb48ace43a08873eceabfd092aa1
It is demonstrated in a SafeSide example:
https://github.com/google/safeside/blob/master/demos/eret_hvc_smc_wrapper.cchttps://github.com/google/safeside/blob/master/kernel_modules/kmod_eret_hvc_smc/eret_hvc_smc_module.c
Signed-off-by: Anthony Steinhauser <asteinhauser@google.com>
Change-Id: Iead39b0b9fb4b8d8b5609daaa8be81497ba63a0f
* changes:
plat: xilinx: Move pm_client.h to common directory
plat: xilinx: versal: Make silicon default build target
xilinx: versal: Wire silicon default setup
versal: Increase OCM memory size for DEBUG builds
plat: xilinx: versal: Dont set IOU switch clock
arm64: versal: Adjust cpu clock for versal virtual
xilinx: versal: Add support for PM_GET_OPERATING_CHARACTERISTIC EEMI call
plat: versal: Add Get_ChipID API
plat: xilinx: versal: Add load Pdi API support
xilinx: versal: Add feature check API
xilinx: versal: Implement set wakeup source for client
plat: xilinx: versal: Add GET_CALLBACK_DATA function
xilinx: versal: Add PSCI APIs for system shutdown & reset
xilinx: versal: Add PSCI APIs for suspend/resume
xilinx: versal: Remove no_pmc ops to ON power domain
xilinx: versal: Add set wakeup source API
xilinx: versal: Add client wakeup API
xilinx: versal: Add query data API
xilinx: versal: Add request wakeup API
xilinx: versal: Add PM_INIT_FINALIZE API for versal
xilinx: versal: Add support of PM_GET_TRUSTZONE_VERSION API
xilinx: versal: enable ipi mailbox service
xilinx: move ipi mailbox svc to xilinx common
plat: xilinx: versal: Implement PM IOCTL API
xilinx: versal: Implement power down/restart related EEMI API
xilinx: versal: Add SMC handler for EEMI API
xilinx: versal: Implement PLL related PM APIs
xilinx: versal: Implement clock related PM APIs
xilinx: versal: Implement pin control related PM APIs
xilinx: versal: Implement reset related PM APIs
xilinx: versal: Implement device related PM APIs
xilinx: versal: Add support for suspend related APIs
xilinx: versal: Add get_api_version support
xilinx: Add support to send PM API to PMC using IPI for versal
plat: xilinx: versal: Move versal_def.h to include directory
plat: xilinx: versal: Move versal_private.h to include directory
plat: xilinx: zynqmp: Use GIC framework for warm restart
In order to support SEPARATE_NOBITS_REGION for Arm platforms, we need to load
BL31 PROGBITS into secure DRAM space and BL31 NOBITS into SRAM. Hence mandate
the build to require that ARM_BL31_IN_DRAM is enabled as well.
Naturally with SEPARATE_NOBITS_REGION enabled, the BL31 initialization code
cannot be reclaimed to be used for runtime data such as secondary cpu stacks.
Memory map for BL31 NOBITS region also has to be created.
Change-Id: Ibd480f82c1dc74e9cbb54eec07d7a8fecbf25433
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
* changes:
Tegra194: platform handler for entering CPU standby state
Tegra194: memctrl: force viw and vifalr/w transactions as non-coherent
Tegra194: memctrl: fix bug in client order id reg value generation
Tegra194: memctrl: enable mc coalescer
Tegra194: update scratch registers used to read boot parameters
Tegra194: implement system shutdown/reset handlers
Tegra194: mce: support for shutdown and reboot
Tegra194: request CG7 before checking if SC7 is allowed
Tegra194: config to enable/disable strict checking mode
Tegra194: remove unused platform configs
Tegra194: restore XUSB stream IDs on System Resume
Remove the general BL31 mmap region: it duplicates the existing static
mapping for the entire SRAM region. Use the helper definitions when
applicable to simplify the code and add the MT_EXECUTE_NEVER flag.
Signed-off-by: Samuel Holland <samuel@sholland.org>
Change-Id: I7a6b79e50e4b5c698774229530dd3d2a89e94a6d
STM32MP1 platform is able to boot from SPI-NOR devices.
These modifications add this support using the new
SPI-NOR framework.
Change-Id: I75ff9eba4661f9fb87ce24ced2bacbf8558ebe44
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
STM32MP1 platform is able to boot from SPI-NAND devices.
These modifications add this support using the new
SPI-NAND framework.
Change-Id: I0d5448bdc4bde153c1209e8043846c0f935ae5ba
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
STM32MP1 platform is able to boot from raw NAND devices.
These modifications add this support using the new
raw NAND framework.
Change-Id: I9e9c2b03930f98a5ac23f2b6b41945bef43e5043
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
For STM32MP1, the address space is 4GB, which can be first divided
in 4 parts of 1GB. This LVL1 table is already mapped regardless
of MAX_XLAT_TABLES.
Fixing typo: Replace Ko to KB.
BL2/sp_min for platform STM32MP1 requires 4 MMU translation tables:
- a level2 table and a level3 table for identity mapped SYSRAM
- a level2 table mapping 2MB of BootROM runtime resources
- a level2 table mapping 2MB of secure DDR (case BL32 is OP-TEE)
Change-Id: If80cbd4fccc7689b39dd540d6649b1313557f326
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Add a new entry to find register properties by name and
include new assert functions to limit address cells to 1
and size cells to 1.
Change-Id: Ide59a795a05fb2af36bd07fec15e5a3adf196226
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Adds compilation flags to specify which drivers will be
embedded in the generated firmware.
Change-Id: Ie9decc89c3f26cf17e7148a3a4cf337fd35940f7
Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
* changes:
zynqmp: pm: clock: Move custom flags to typeflags
zynqmp: pm: clock: Add support for custom type flags
plat: xilinx: zynqmp: Add GET_CALLBACK_DATA function
zynqmp: pm: Remove CLK_TOPSW_LSBUS from invalid clock list
This patch implements a handler to enter the standby state on
Tegra194 platforms. On receiving a CPU_STANDBY state request,
the platform handler issues TEGRA_NVG_CORE_C6 request to the
MCE firmware to take the CPU into the standby state.
Change-Id: I703a96ec12205853ddb3c3871b23e338e1f60687
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Force memory transactions from viw and viflar/w as non-coherent from
no-override. This is necessary as iso clients shouldn't use coherent
path and stage-2 smmu mappings won't mark transactions as non-coherent.
For native case, no-override works. But, not for virtualization case.
Change-Id: I1a8fc17787c8d0f8579bdaeeb719084993e27276
Signed-off-by: Krishna Reddy <vdumpa@nvidia.com>
Client order id reset values are incorrectly and'ed with
mc_client_order_id macro, which resulted in getting reg value as
always zero. Updated mc_client_order_id macro to avoid and'ing outside
the macro, to take the reg value and update specific bit field
as necessary.
Change-Id: I880be6e4291d7cd58cf70d7c247a4044e57edd9e
Signed-off-by: Krishna Reddy <vdumpa@nvidia.com>
This patch enable the Memory Controller's "Coalescer" feature to
improve performance of memory transactions.
Change-Id: I50ba0354116284f85d9e170c293ce77e9f3fb4d8
Signed-off-by: Pritesh Raithatha <praithatha@nvidia.com>
This patch changes SCRATCH_BOOT_PARAMS_ADDR macro to use SECURE_SCRATCH_RSV81
instead of SECURE_SCRATCH_RSV44. The previous level bootloader changed this
setting, so update here to keep both components in sync.
Change-Id: I4e0c1b54fc69482d5513a8608d0bf616677e1bdd
Signed-off-by: steven kao <skao@nvidia.com>
This patch implements the PSCI system shutdown and reset handlers,
that in turn issue the MCE commands.
Change-Id: Ia9c831674d7be615a6e336abca42f397e4455572
Signed-off-by: Vignesh Radhakrishnan <vigneshr@nvidia.com>
This patch adds support for shutdown/reboot handlers to the MCE
driver.
ATF communicates with mce using nvg interface for shutdown &
reboot. Both shutdown and reboot use the same nvg index.
However, the 1st bit of the nvg data argument differentiates
whether its a shutdown or reboot.
Change-Id: Id2d1b0c4fec55abf69b7f8adb65ca70bfa920e73
Signed-off-by: Vignesh Radhakrishnan <vigneshr@nvidia.com>
Currently firmware seems to be checking if we can get into system
suspend after checking if CC6 & C7 is allowed. For system suspend
to be triggered, the firmware needs to request for CG7 as well.
This patch fixes this anomaly.
Change-Id: I39c4c50092a4288f4f3fa4b0b1d5026be50f058f
Signed-off-by: Vignesh Radhakrishnan <vigneshr@nvidia.com>
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
This patch adds a new configuration option to the platform makefiles
that disables/enables strict checking mode. The config is enabled
by default.
Change-Id: I727dd0facee88d9517bf6956eaf9163eba25c8bb
Signed-off-by: Steven Kao <skao@nvidia.com>
The stream IDs for XUSB programmed during cold boot are lost on System
Suspend. This patch restores the XUSB stream IDs on System Resume.
NOTE: THE WARMBOOT CODE NEEDS TO MAKE SURE THAT THE XUSB MODULE IS OUT
OF RESET AND THE CLOCKS ARE ENABLED, BEFORE POWERING ON THE CPU, DURING
SYSTEM RESUME.
Change-Id: Ibd5f1e5ebacffa6b29b625f4c41ecf204afa8191
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Create a function to check for fpga readiness, and move the checking out
of bridge enable function.
Signed-off-by: Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: I3f473ffeffa9ce181a48977560c8bda19c6123c0
This is to make sure that bridge access in disabled before doing full
FPGA reconfiguration and turn re-enable it once the configuration
succeed.
Signed-off-by: Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: I1f42fbf04ac1625048bbdf21b8a0443464ed833d
SiP CONFIG_ISDONE now will query status for either CONFIG_STATUS or
RECONFIG_STATUS based on passed parameter
Signed-off-by: Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: Idb8a84af4e98654759843de09a289d31246c9a91
Refactored system manager driver to be shared across both intel platform
Signed-off-by: Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: Ic4d056c3d15c3152403dc11641c2452770a6162d
Refactor reset manager into intel common platform directory as it can be
shared by both Stratix 10 and Agilex. Register address and field is now
referred through macros.
Signed-off-by: Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: Id6d50f2a2f5a6bd8d6746b84602ac17ec7f6c07a
Add bridge enablement features for each platform.
The bridge access will be enabled automatically for FPGA 1st
configuration only.
Signed-off-by: Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: I264757b257a209e1c3c4206660f21c5d67af0d2f
Combine both peripheral and bridge non-secure access code
into a single callable function
Signed-off-by: Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: I38d335ed8d1e9f55d337b63cca121a473897ef70
Move pm_client.h to common directory to avoid duplication
of function declaration.
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: Iea542e681f42db089cccd9b24d286ac8f0a2ce35
This patch makes default build target as silicon instead of QEMU.
The default can be overwritten by specifying it through build flag
VERSAL_PLATFORM.
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: Ia4cb1df1f206db3e514e8ce969acca875e973ace
Add new option for serial and default clock setup.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I0ca7ad51637cdaa6bb891f22c53595d20da7236a
ATF can't fit in current OCM size when the DEBUG is enabled, so
increase the OCM size to use 128Kb.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I2ebfd1f2e9db9c0b28770aea7f8fbf1a8a15787a
The IOU switch clock will be set by PLM during boot so there is no need to
set here and hence this patch removes it.
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I1512708411eb07a07c1a8fbd66575efee975431a
This patch modifies cpu clock for Xilinx Versal virtual
platform in order to keep same as used by QEMU.
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I169d082462d7ce94a82c62966ab9eb122c5a3fee
This patch adds EEMI support for PM_GET_OPERATING_CHARACTERISTIC api id. This
interface obtains operating characteristic of a device from PMC firmware. The
'power', 'temperature', and 'latency' characteristic are the options that are
supported.
Signed-off-by: Saeed Nowshadi <saeed.nowshadi@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: If30959ba6a3a778a17df2a4281c2c09832cf7e92
Add support for Get_ChipID API in Versal which calls corresponding
LibPM API.
Signed-off-by: Ravi Patel <ravi.patel@xilinx.com>
Acked-by: Jolly Shah <jolly.shah@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I25c4b301721d7989d982ac376c59195c55564022
This patch adds support for load pdi api to enable loading
pdi from linux.
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I48549e276e1f7b9be45a0bebf559f73bd09d5f69
Add API to check availability of given API in ATF
as well as platform management controller and returns
the supported version number.
Signed-off-by: Ravi Patel <ravi.patel@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I608b38f60b36c4d105b7a205ecb8b02de0c00f3c
Add support to set wakeup source for APU while suspending.
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Rajan Vaja <rajan.vaja@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I4809fd83a710def8144fdad74990c45e62b8fdf3
Add GET_CALLBACK_DATA function to get IPI callback
data in Linux during init suspend callback.
Signed-off-by: Rajan Vaja <rajan.vaja@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: Ieb60e561b5f656611f0702c43ba6a4296a012651
Add following APIs in plat_psci to support system shutdown & reset:
- versal_system_off
- versal_system_reset
Signed-off-by: Saeed Nowshadi <saeed.nowshadi@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: Ia2c1a19ded18984b393e1fdee760bf48b45e9902
Add following APIs in plat_psci to support suspend resume:
- versal_pwr_domain_off
- versal_pwr_domain_suspend
- versal_pwr_domain_suspend_finish
- versal_validate_power_state
- versal_get_sys_suspend_power_state
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Rajan Vaja <rajan.vaja@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: Ife908a45f32e2037c9c19e13211a8e4b373b8342
Add PMC ops for power domain ON and remove no_pmc ops.
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Rajan Vaja <rajan.vaja@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: Id4308dfe124b60a751765beb3397d1b0071f14fc
Implement set wakeup source API to pass SMC
call for set wakeup source to PLM (Platform Loader
and Manager).
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I654ce07235c0fc7dfcb81bf98820153255f61537
Implement client wakeup API for versal.
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Rajan Vaja <rajan.vaja@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I31b1b362fe645a82f89ce2d698ee71eb00cf15dc
Add PM_QUERY_DATA API to pass query data
EEMI call from Linux to PLM .
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I18735b72ab9cb62fb6cbc7582e77de6cb57f99b0
PM_INIT_FINALIZE is not required for versal. To use Linux
Zynqmp PM driver for versal, handle PM_INIT_FINALIZE API
in ATF for versal by always returning SUCCESS.
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I6fe5445d78e713d70282ac8931ff8b17c96b2a14
PM_GET_TRUSTZONE_VERSION API is required to use zynqmp-firmware
driver for versal. Add support of PM_GET_TRUSTZONE_VERSION API
for versal.
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: Ie1c859890096024cc8be67386e3fd0f5f8a4385f
As IPI mailbox service is common to both ZynqMP and Versal,
move it to xilinx/common.
Signed-off-by: Wendy Liang <wendy.liang@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I1a7008ccf7930829621147922d2c6d8d46df5502
Add PM IOCTL EEMI.
Below PLL related IOCTLs are not available in versal PLM.
* IOCTL_SET_PLL_FRAC_MODE
* IOCTL_GET_PLL_FRAC_MODE
* IOCTL_SET_PLL_FRAC_DATA
* IOCTL_SET_PLL_FRAC_DATA
PLM has new EEMI APIs for PLL related operations.
Call them instead of passing IOCTL API to PLM.
For other IOCTL, ATF just pass through IOCTL
request to PLM (Platform Loader and Manager).
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I96f8da46a4d3965c9291b7b2da96056408137839
Add power down/restart related below API
- Force power down
- System shutdown
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: Icd4a922923b1fd50eca1f5361f1e604aedcdb529
Add SMC handler for EEMI API calls coming from EL1/EL2.
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: If0ef2a1f2cfc2747be6b91828371bcbec56b1e15
Implement below pin control related APIs:
- Request pin
- Release pin
- Set pin function
- Get pin function
- Set pin parameter value
- Get pin parameter value
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: Ib805cc8c936b63206d44bf1f7bebd0f03f7b3c01
Add support for EEMI API get_api_verion.
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: Ic1ef90a194ae6164994a7fc5d8ff0b7b192636fe
Port ZynqMP PM services for versal to send PM APIs to PMC
using IPI.
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Wendy Liang <wendy.liang@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I27a52faf27f1a2919213498276a6885a177cb6da
Move versal_def.h to platform specific include directory.
Also, update source file to include header file from updated
path of versal_def.h
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I313592a17552843b9cc7048f31bcaaefa40ffd91
Move versal_private.h to platform specific include directory.
Also, rename it to plat_private.h instead of having platform
name. So, it can be used to common source files which needs
platform specific data.
Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I65eefbea7722ffa2760b992491c00eebef5bcef4
- Flag GICV2_G0_FOR_EL3 needs to be set for group interrupts
to be targeted to EL3.
- Raise SGI interrupts for individual CPU cores as GIC API
uses CPU num as parameter, not CPU mask.
- Flag WARMBOOT_ENABLE_DCACHE_EARLY needs to be set to enable
CPU interface mask work properly for all CPU cores which is
required when generating SGI.
- Call plat_ic_end_of_interrupt() from ttc_fiq_handler() to clear
GIC interrupt to avoid same interrupt again.
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Rajan Vaja <rajan.vaja@xilinx.com>
Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
Change-Id: I71d4935b8d4688a3729c62753ca8a1a77cd92ae7