* changes:
plat/arm/board/fvp: Add support for Measured Boot
TF-A: Add support for Measured Boot driver to FCONF
TF-A: Add support for Measured Boot driver in BL1 and BL2
TF-A: Add Event Log for Measured Boot
TF-A: Add support for Measured Boot driver
This patch adds support for Event Log generation required
for Measured Boot functionality.
Change-Id: I34f05a33565e6659e78499d62cc6fb00b7d6c2dc
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
The Arm GIC-Clayton IP has the same power management requirements as
the GIC-600, when it comes to powering up the redistributors before
using them.
Add the IIDR value to the existing list of implementations requiring
the power sequence.
Change-Id: Ib965dfe278c40a4fff94f65a8d445c27a2ae6fd2
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
This patch moves all GICv2 driver files into new added
'gicv2.mk' makefile for the benefit of the generic driver
which can evolve in the future without affecting platforms.
NOTE: Usage of 'drivers/arm/gic/common/gic_common.c' file
is now deprecated and platforms with GICv2 driver need to
be modified to include 'drivers/arm/gic/v2/gicv2.mk' in
their makefiles.
Change-Id: Ib10e71bdda0e5c7e80a049ddce2de1dd839602d1
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
The cause of failure is not memory shortage.
The comment for ENFILE in include/lib/libc/errno.h
/* Too many open files in system */
... is a better match to the warning message here.
Change-Id: I45a1740995d464edd8b3e32b93f1f92ba17e5874
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
- Fix the line address macro
- LLC invalidate and enable before ways lock for allocation
- Add support for limited SRAM size allocation
- Add SRAM RW test function
Change-Id: I1867ece3047566ddd7931bd7472e1f47fb42c8d4
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Since the AP process can be enabled on different setups, the information
about used comphy lane should be passed to AP FW. For instance:
- A8K development board uses comphy lane 2 for eth 0
- cn913x development board uses comphy lane 4 for eth 0
Change-Id: Icf001fb3eea4d9c24c09384e49844ecaf8655ad2
Signed-off-by: Grzegorz Jaszczyk <jaz@semihalf.com>
Now when mg_conf_cm3 driver is present - move all relevant code there.
Change-Id: I444d9e877c450d6ee69ca3a49b547e4c3aeac0be
Signed-off-by: Grzegorz Jaszczyk <jaz@semihalf.com>
After configuring comphy to AP mode also start AP FW.
Change-Id: Ib28977d7ee643575a818ba17f69dea0b7e8e0df4
Signed-off-by: Grzegorz Jaszczyk <jaz@semihalf.com>
Implement function which will allow to start AP FW.
Change-Id: Ie0fc8ad138bf56b10809cdc92d1e5e96a2aaf33f
Signed-off-by: Grzegorz Jaszczyk <jaz@semihalf.com>
The assignments to 'result' are unneeded.
Change-Id: I18899f10bf9bd7f219f0e47a981683d8b4701bde
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Register in the shared resources driver the secure or non-secure state
of the HASH instances. Note that only BL32 needs to register the
shared peripheral because BL2 does not embed the shared resources
driver.
Change-Id: I7f78fa8e47da71d48ef8b1dfe4d6f040fe918d8b
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Register in the shared resources driver the secure or non-secure state
of the GPIO pins.
Change-Id: Ifda473bcbbb0af799be6587961d6641edf887605
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Register in the shared resources driver the secure or non-secure state
of the IWDG instances.
Change-Id: I3a3bc9525447f6a2a465891ca3a3fd5fe664ca07
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Register in the shared resources driver the secure or non-secure
state of the PMIC.
Change-Id: Ic1f172ba62785018f8e9bb321782d725e2d2f434
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Introduce stm32mp1_register_clock_parents_secure() in stm32mp1
clock driver to allow platform shared resources to register as
secure the parent clocks of a clock registered as secure.
Change-Id: I53a9ab6aa78ee840ededce67e7b12a84e08ee843
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
This patch adds the IIDR value for GIC600-AE to the gicv3_is_gic600()
helper function. This helps platforms supporting this version of the
GIC600 interrupt controller to function with the generic GIC driver.
Verified with tftf-validation test suite
******************************* Summary *******************************
> Test suite 'Framework Validation'
Passed
> Test suite 'Timer framework Validation'
Passed
=================================
Tests Skipped : 0
Tests Passed : 6
Tests Failed : 0
Tests Crashed : 0
Total tests : 6
=================================
NOTICE: Exiting tests.
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Change-Id: I518ae7b56f7f372e374e453287d76ca370fc3574
* changes:
plat: marvell: armada: a8k: add OP-TEE OS MMU tables
drivers: marvell: add support for mapping the entire LLC to SRAM
plat: marvell: armada: add LLC SRAM CCU setup for AP806/AP807 platforms
plat: marvell: armada: reduce memory size reserved for FIP image
plat: marvell: armada: platform definitions cleanup
plat: marvell: armada: a8k: check CCU window state before loading MSS BL2
drivers: marvell: add CCU driver API for window state checking
drivers: marvell: align and extend llc macros
plat: marvell: a8k: move address config of cp1/2 to BL2
plat: marvell: armada: re-enable BL32_BASE definition
plat: marvell: a8k: extend includes to take advantage of the phy_porting_layer
marvell: comphy: initialize common phy selector for AP mode
marvell: comphy: update rx_training procedure
plat: marvell: armada: configure amb for all CPs
plat: marvell: armada: modify PLAT_FAMILY name for 37xx SoCs
Cleaned up confused naming between TB_FW and FW_CONFIG.
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I9e9f6e6ca076d38fee0388f97d370431ae067f08
* changes:
drivers/scmi-msg: smt entry points for incoming messages
drivers/scmi-msg: support for reset domain protocol
drivers/scmi-msg: support for clock protocol
drivers/scmi-msg: driver for processing scmi messages
It is desired to have the peripheral writes completed to clear the
interrupt condition and de-assert the interrupt request to GIC before
EOI write. Failing which spurious interrupt will occurred.
A barrier is needed to ensure peripheral register write transfers are
complete before EOI is done.
GICv2 memory mapped DEVICE nGnR(n)E writes are ordered from core point
of view. However these writes may pass over different interconnects,
bridges, buffers leaving some rare chances for the actual write to
complete out of order.
GICv3 ICC EOI system register writes have no ordering against nGnR(n)E
memory writes as they are over different interfaces.
Hence a dsb can ensure from core no writes are issued before the previous
writes are *complete*.
Signed-off-by: Sandeep Tripathy <sandeep.tripathy@broadcom.com>
Change-Id: Ie6362009e2f91955be99dca8ece14ade7b4811d6
Add llc_sram_enable() and llc_sram_disable() APIs to Marvell
cache_lls driver.
Add LLC_SRAM definition to Marvell common makefile - disabled
by the default.
Add description of LLC_SRAM flag to the build documentation.
Change-Id: Ib348e09752ce1206d29268ef96c9018b781db182
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Add ccu_is_win_enabled() API for checking the CCU window
state using AP and window indexes.
Change-Id: Ib955a2cac28b2729b0a763f3bbbea28b476a2fe4
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Make all LLC-related macros to start with the same prefix
Add more LLC control registers definitions
This patch is a preparation step for LLC SRAM support
Change-Id: I0a4f0fc83e8ef35be93dd239a85f2a9f88d1ab19
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Configuring common phy selector which was missing for AP mode.
Change-Id: I15be1ba50b8aafe9094734abec139d72c18bb224
Signed-off-by: Grzegorz Jaszczyk <jaz@semihalf.com>
1) Relay only on rx training, remove parts responsible for tx training
(trx training).
2) Add extra steps e.g. preconfigure FFE before starting training.
3) Remove some unnecessary steps like RRBS31 loopback setting which
shouldn't be relevant for tx_training.
Change-Id: Ib1e8567714f9ce33578186a262c339aa4b1c51f2
Signed-off-by: Grzegorz Jaszczyk <jaz@semihalf.com>
* changes:
ddr: a80x0: add DDR 32-bit ECC mode support
ble: ap807: improve PLL configuration sequence
ble: ap807: clean-up PLL configuration sequence
ddr: a80x0: add DDR 32-bit mode support
plat: marvell: mci: perform mci link tuning for all mci interfaces
plat: marvell: mci: use more meaningful name for mci link tuning
plat: marvell: a8k: remove wrong or unnecessary comments
plat: marvell: ap807: enable snoop filter for ap807
plat: marvell: ap807: update configuration space of each CP
plat: marvell: ap807: use correct address for MCIx4 register
plat: marvell: add support for PLL 2.2GHz mode
plat: marvell: armada: make a8k_common.mk and mss_common.mk more generic
marvell: armada: add extra level in marvell platform hierarchy
This change implements SCMI channels for reading a SCMI message from a
shared memory and call the SCMI message drivers to route the message
to the target platform services.
SMT refers to the shared memory management protocol which is used
to get/put message/response in shared memory. SMT is a 28byte header
stating shared memory state and exchanged protocol data.
The processing entry for a SCMI message can be a secure interrupt
or fastcall SMCCC invocation.
SMT description in this implementation is based on the OP-TEE
project [1] itself based in the SCP-firmware implementation [2].
Link: [1] a58c4d706d
Link: [2] https://github.com/ARM-software/SCP-firmware.git
Change-Id: I416c7dab5c67954c6fe80bae8d8cdfdcda66873e
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Adds SCMI reset domain protocol support in the SCMI message drivers
as defined in SCMI specification v2.0 [1]. Not all the messages
defined in the specification are supported.
scmi_msg_get_rd_handler() sanitizes the message_id value
against any speculative use of reset domain ID as a index since by
SCMI specification, IDs are indices.
This implementation is based on the OP-TEE project implementation [2]
itself based on the SCP-firmware implementation [3] of the SCMI
protocol server side.
Link: [1] http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf
Link: [2] 56a1f10ed9
Link: [3] https://github.com/ARM-software/SCP-firmware.git
Change-Id: If7cf13de40a815dedb40dcd5af8b6bb6725d9078
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Adds SCMI clock protocol support in the SCMI message drivers as
defined in SCMI specification v2.0 [1] for clock protocol messages.
Platform can provide one of the plat_scmi_clock_*() handler for the
supported operations set/get state/rate and others.
scmi_msg_get_clock_handler() sanitizes the message_id value
against any speculative use of clock ID as a index since by
SCMI specification, IDs are indices.
This implementation is based on the OP-TEE project implementation [2]
itself based on the SCP-firmware implementation [3] of the SCMI
protocol server side.
Link: [1] http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf
Link: [2] a7a9e3ba71
Link: [3] https://github.com/ARM-software/SCP-firmware.git
Change-Id: Ib56e096512042d4f7b9563d1e4181554eb8ed02c
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
This change introduces drivers to allow a platform to create a basic
SCMI service and register handlers for client request (SCMI agent) on
system resources. This is the first piece of the drivers: an entry
function, the SCMI base protocol support and helpers for create
the response message.
With this change, scmi_process_message() is the entry function to
process an incoming SCMI message. The function expect the message
is already copied from shared memory into secure memory. The message
structure stores message reference and output buffer reference where
response message shall be stored.
scmi_process_message() calls the SCMI protocol driver according to
the protocol ID in the message. The SCMI protocol driver will call
defined platform handlers according to the message content.
This change introduces only the SCMI base protocol as defined in
SCMI specification v2.0 [1]. Not all the messages defined
in the specification are supported.
The SCMI message implementation is derived from the OP-TEE project [2]
itself based on the SCP-firmware implementation [3] of the SCMI protocol
server side.
Link: [1] http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf
Link: [2] ae8c806809
Link: [3] https://github.com/ARM-software/SCP-firmware/tree/v2.6.0
Change-Id: I639c4154a39fca60606264baf8d32452641f45e9
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
with sha 44f1aa8, support for Silicon Provider(SiP) owned Secure
Partition(SP) was added for dualroot CoT. This patch extends this
support for tbbr CoT.
Earlier tbbr CoT for SPs was left to avoid adding new image types in
TBBR which could possibly be seen as deviation from specification.
But with further discussions it is understood that TBBR being a
*minimal* set of requirements that can be extended as long as we don't
violate any of the musts, which is the case with adding SP support.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I1b9e3ebdd7d653f1fd4cc3bd910a69871b55ecbb
The only difference between GIC-500 and GIC-600 relevant to TF-A is the
differing power management sequence.
A certain GIC implementation is detectable at runtime, for instance by
checking the IIDR register. Let's add that test before initiating the
GIC-600 specific sequence, so the code can be used on both GIC-600 and
GIC-500 chips alike, without deciding on a GIC chip at compile time.
This means that the GIC-500 "driver" is now redundant. To allow minimal
platform support, add a switch to disable GIC-600 support.
Change-Id: I17ea97d9fb05874772ebaa13e6678b4ba3415557
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
A new certificate "sip-sp-cert" has been added for Silicon Provider(SiP)
owned Secure Partitions(SP). A similar support for Platform owned SP can
be added in future. The certificate is also protected against anti-
rollback using the trusted Non-Volatile counter.
To avoid deviating from TBBR spec, support for SP CoT is only provided
in dualroot.
Secure Partition content certificate is assigned image ID 31 and SP
images follows after it.
The CoT for secure partition look like below.
+------------------+ +-------------------+
| ROTPK/ROTPK Hash |------>| Trusted Key |
+------------------+ | Certificate |
| (Auth Image) |
/+-------------------+
/ |
/ |
/ |
/ |
L v
+------------------+ +-------------------+
| Trusted World |------>| SiP owned SPs |
| Public Key | | Content Cert |
+------------------+ | (Auth Image) |
/ +-------------------+
/ |
/ v|
+------------------+ L +-------------------+
| SP_PKG1 Hash |------>| SP_PKG1 |
| | | (Data Image) |
+------------------+ +-------------------+
. .
. .
. .
+------------------+ +-------------------+
| SP_PKG8 Hash |------>| SP_PKG8 |
| | | (Data Image) |
+------------------+ +-------------------+
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ia31546bac1327a3e0b5d37e8b99c808442d5e53f
Update PLL configuration according to HW team guidelines.
Change-Id: I23cac4fb4a638e7416965a5399ce6947e08d0711
Signed-off-by: Alex Leibovich <alexl@marvell.com>
joanna.farley
Manish Pandey
Alexei Fedorov
Andre Przywara
Madhukar Pappireddy
johpow01
Bharat Gooty
Masahiro Yamada
Konstantin Porotchkin
Grzegorz Jaszczyk
Etienne Carriere
Varun Wadekar
Manish V Badarkhe
Louis Mayencourt
Sandeep Tripathy
Etienne Carriere
Alex Leibovich