The stream ID security configuration settings shall be done by the
previous level bootloader. This change removes the same settings
from the Tegra194 platform code as a result.
The stream ID override configuration is saved during System Suspend
as part MB1 bct. This change removes the same support from the Tegra194
platform code as a result.
Varun Wadekar [Wed, 11 Dec 2019 21:22:21 +0000 (13:22 -0800)]
Tegra: debug prints indicating SC7 entry sequence completion
This patch adds prints to display the completion of System Suspend
programming sequence for Tegra platforms. The console needs to
be kept alive until the very end of the System Suspend sequence as
a result.
Tegra194: memctrl: update TZDRAM base at 1MB granularity
The Memory controller expects the TZDRAM base value at 1MB granularity
and the current driver does not respect that limitation. This patch
fixes that anomaly.
David Pu [Fri, 7 Jun 2019 22:30:17 +0000 (15:30 -0700)]
Tegra194: ras: split up RAS error clear SMC call.
In order to make sure SMC call is within 25us, this patch reduces number of RAS
errors accessed to 8 at most for each SMC call and takes a input/output
parameter to specify in progress RAS error record index.
The measured SMC call latency is about 20us under Linux test kernel driver.
Change-Id: Ia1b57c8673e0193dc341a36af0b5c09fb48f965f Signed-off-by: David Pu <dpu@nvidia.com>
Varun Wadekar [Fri, 15 Nov 2019 23:46:14 +0000 (15:46 -0800)]
Tegra194: add memory barriers during DRAM to SysRAM copy
This patch adds memory barriers to the trampoline code copying TZDRAM
contents to SysRAM during exit from System Suspend. These barriers
make sure that all the copies go through before we start executing in
SysRAM.
Anthony Zhou [Wed, 4 Dec 2019 06:58:23 +0000 (14:58 +0800)]
Tegra: sip: add VPR resize enabled check
The Memory Controller provides a control register to check
if the video memory can be resized. The previous bootloader
might have locked this feature, which will be reflected by
this register.
This patch reads the control register before processing
a video memory resize request. An error code, -ENOTSUP,
is returned if the feature is locked.
Change-Id: Ia1d67f7a94aa15c6b18ff5c9b9b952e179596ae3 Signed-off-by: Anthony Zhou <anzhou@nvidia.com>
Anthony Zhou [Wed, 13 Nov 2019 10:36:07 +0000 (18:36 +0800)]
Tegra194: add redundancy checks for MMIO writes
MMIO writes should verify that the writes actually went through.
Read the value back after the write operation, perform assert
if the read back value is not same as the write value.
Change-Id: Id2ceb014116f3aa6a9e86505ca1ae9911470a679 Signed-off-by: Anthony Zhou <anzhou@nvidia.com>
During boot the platform enables dual execution for Xavier CPUs.
This patch reads back the ACTLR_ELx register to verify that the bit
is actually set. It asserts if the bit is not set.
Tegra194: verify firewall settings before resource use
The firewall settings for the hardware resources are present in the
Security Configuration Registers. The firewall settings are programmed
by other software components and so must be verified for correctness
before touching the hardware resources they protect.
This patch reads the firewall settings during early boot and asserts
if the settings mismatch.
Add support for hexadecimal and pointer format specifiers to snprintf()
The current implementation of snprintf() does not support pointer and
hexadecimal format specifiers, which can be needed, for instance, for
DTB manipulations.
This patch adds that functionality by borrowing some code from the
printf() implementation.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I2076ea46693a73a04890982bf20e3c633c2767fb
Merge changes from topic "tegra194-spmd" into integration
* changes:
Tegra194: introduce support for `SPD=spmd`
Tegra: introduce backend support to compile libfdt
Tegra: disable signed comparison
plat: common: include "bl_common.h" from plat_spmd_manifest.c
Julius Werner [Wed, 5 Jun 2019 19:40:35 +0000 (12:40 -0700)]
qti: Add SPMI PMIC arbitrator driver
This patch adds a very rudimentary driver for the SPMI arbitrator used
to access the PMIC. It doesn't support all the controller's actual
arbitration features, so it should probably not be used concurrently
with a running kernel (and it's also not optimized for performance). But
it can be used to set a few registers during boot or on shutdown to
control reset handling, which is all we need it for.
Change-Id: I8631c34a2a89ac71aa1ec9b8266e818c922fe34a Signed-off-by: Julius Werner <jwerner@chromium.org>
Julius Werner [Tue, 25 Aug 2020 01:34:38 +0000 (18:34 -0700)]
qti/sc7180: Fix GIC-600 support setting
The patch adding platform support for sc7180 landed around roughly the
same time as the patch that changed GICV3_IMPL to GICV3_SUPPORT_GIC600.
Thus the sc7180 Makefile is still using the old variable name which now
no longer does anything, and it hangs on boot due to the lacking GIC-600
support. This patch fixes the issue.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Id76ada1445c3c5ac9a5a3697b4e749088b89d796
plat: common: include "bl_common.h" from plat_spmd_manifest.c
This patch includes the bl_common.h from plat_spmd_manifest.c to
fix the following compilation errors
<snip>
plat/common/plat_spmd_manifest.c: In function 'plat_spm_core_manifest_load':
plat/common/plat_spmd_manifest.c:130:18: error: implicit declaration of function 'page_align' [-Werror=implicit-function-declaration]
130 | pm_base_align = page_align(pm_base, UP);
| ^~~~~~~~~~
plat/common/plat_spmd_manifest.c:130:38: error: 'UP' undeclared (first use in this function); did you mean 'UL'?
130 | pm_base_align = page_align(pm_base, UP);
| ^~
| UL
plat/common/plat_spmd_manifest.c:130:38: note: each undeclared identifier is reported only once for each function it appears in
plat/common/plat_spmd_manifest.c:146:38: error: 'DOWN' undeclared (first use in this function)
146 | pm_base_align = page_align(pm_base, DOWN);
| ^~~~
cc1: all warnings being treated as errors
<snip>
The SMMU configuration can get corrupted or updated by
external clients during boot without our knowledge.
This patch introduces a "verify" function for the SMMU
driver, to check that the boot configuration settings are
intact. Usually, this function should be called at the
end of the boot cycle.
This function only calls panic() on silicon platforms.
Change-Id: I2ab45a7f228781e71c73ba1f4ffc49353effe146 Signed-off-by: George Bauernschmidt <georgeb@nvidia.com>
Varun Wadekar [Thu, 22 Aug 2019 18:52:36 +0000 (11:52 -0700)]
Tegra: TZDRAM setup from soc specific early_boot handlers
TZDRAM setup is not required for all Tegra SoCs. The previous bootloader
can enable the TZDRAM fence due to architectural improvements in the
newer chips.
This patch moves the TZDRAM setup to early_boot handlers for SoCs to
handle this scenario.
Varun Wadekar [Fri, 4 Oct 2019 18:40:56 +0000 (11:40 -0700)]
Tegra: print GICC registers conditionally
The GICC interface exists only on the interrupt controllers following
the GICv2 specification.
This patch prints the GICC register contents from the platform's macro,
plat_crash_print_regs' only when TEGRA_GICC_BASE is defined. This
allows platforms using future versions of the GIC specification to
still use this macro.
SPE no longer requires the flush bit to be set to start transmitting
characters over the physical uart. Therefore, the flush bit is no
longer required when calling console_core_putc. However, flushing the
console still requires the flush bit.
This patch removes the flush bit from the mailbox messages in
console_core_putc to improve ACK latency.
Original change by: Mustafa Bilgen <mbilgen@nvidia.com>
tools: Get the tool's binary name from the main makefile
Currently, the tool's makefile override the tool's binary name
which is already been defined in the main makefile.
Hence fix is provided so that the tool's makefile get the tool's
binary name from the main makefile instead of overriding it.
Change-Id: I8af2bd391a96bba2dbcddef711338a94ebf5f038 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Mark Dykes [Wed, 19 Aug 2020 19:11:33 +0000 (19:11 +0000)]
Revert "libc/memset: Implement function in assembler"
This reverts commit e7d344de01ad11b856233634717aafe9312697e4.
This reverts the patch https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/5313 due to a timing issue with the merge. The merge occurred at the same time as the additional comments and thusly were were not seen until the merge was done. This reverts the change and additional patches from Alexei will follow to address the concerns expressed in the orignal patch.
Olivier Deprez [Fri, 21 Aug 2020 14:18:57 +0000 (14:18 +0000)]
Merge changes from topic "spm-secondary-cores" into integration
* changes:
SPMC: embed secondary core ep info into to SPMC context
SPMC: manifest changes to support multicore boot
SPMD: secondary cores PM on and off SPD hooks relayed to SPMC
SPMD: handle SPMC message to register secondary core entry point
SPMD: introduce SPMC to SPMD messages
SPMD: register the SPD PM hooks
SPMD: add generic SPD PM handlers
SPMD: enhance SPMC internal boot states
SPMD: entry point info get helper
Olivier Deprez [Mon, 23 Mar 2020 08:53:06 +0000 (09:53 +0100)]
SPMD: secondary cores PM on and off SPD hooks relayed to SPMC
Define SPMD PM hooks for warm boot and off events. svc_on_finish handler
enters the SPMC at the entry point defined by the secondary EP register
service. The svc_off handler notifies the SPMC that a physical core is
being turned off through a notification message.
SPMD: handle SPMC message to register secondary core entry point
Upon booting, the SPMC running on the primary core shall register the
secondary core entry points to which a given secondary core being woken
up shall jump to into the SPMC . The current implementation assumes the
SPMC calls a registering service implemented in the SPMD for each core
identified by its MPIDR. This can typically happen in a simple loop
implemented in the early SPMC initialization routines by passing each
core identifier associated with an entry point address and context
information.
This service is implemented on top of a more generic SPMC<=>SPMD
interface using direct request/response message passing as defined by
the FF-A specification.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
Change-Id: I1f70163b6b5cee0880bd2004e1fec41e3780ba35
Olivier Deprez [Mon, 28 Oct 2019 08:52:45 +0000 (08:52 +0000)]
SPMD: entry point info get helper
This patch provides a helper to get the entry_point_info
structure used by the boot CPU as it is used to initialise
the SPMC context on secondary CPUs.
Jacky Bai [Tue, 7 Jan 2020 03:05:22 +0000 (11:05 +0800)]
plat: imx8m: Fix the race condition during cpu hotplug
CPU hotplug & cpuidle have some race condition when doing CPU hotplug
stress test. different CPU cores have the chance to access the same
GPC register(A53_AD), so lock is necessary to do exlusive access.
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: I1296592e05fa78429c3f0fac066951521db755e3
Alexei Fedorov [Sun, 16 Aug 2020 15:01:13 +0000 (16:01 +0100)]
libc/memset: Implement function in assembler
Trace analysis of FVP_Base_AEMv8A model running in
Aarch32 mode with the build options listed below:
TRUSTED_BOARD_BOOT=1 GENERATE_COT=1
ARM_ROTPK_LOCATION=devel_ecdsa KEY_ALG=ecdsa
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_ecdsa.pem
shows that when auth_signature() gets called
71.84% of CPU execution time is spent in memset() function
written in C using single byte write operations,
see lib\libc\memset.c.
This patch replaces C memset() implementation with assembler
version giving the following results:
- for Aarch32 in auth_signature() call memset() CPU time
reduced to 24.84%.
- Number of CPU instructions executed during TF-A
boot stage before start of BL33 in RELEASE builds:
----------------------------------------------
| Arch | C | assembler | % |
----------------------------------------------
| Aarch32 | 2073275460 | 1487400003 | -28.25 |
| Aarch64 | 2056807158 | 1244898303 | -39.47 |
----------------------------------------------
The patch also replaces memset.c with aarch64/memset.S
in plat\nvidia\tegra\platform.mk.
David Pu [Thu, 8 Aug 2019 21:20:03 +0000 (14:20 -0700)]
Tegra: common: make plat_psci_ops routines static
This patch makes Tegra platform psci ops routines to static. These
routines are called by PSCI framework and no external linkage is
necessary. This patch also fixes MISRA C-2012 Rule 8.6 violations.
Change-Id: Idd2381809f76dc0fd578c1c92c0f8eea124f2e88 Signed-off-by: David Pu <dpu@nvidia.com>
Masahisa Kojima [Thu, 11 Jun 2020 12:46:44 +0000 (21:46 +0900)]
qemu/qemu_sbsa: enable SPM support
Enable the spm_mm framework for the qemu_sbsa platform.
Memory layout required for spm_mm is created in secure SRAM.
Co-developed-by: Fu Wei <fu.wei@linaro.org> Signed-off-by: Fu Wei <fu.wei@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Change-Id: I104a623e8bc1e44d035b95f014a13b3f8b33a62a
Manish Pandey [Tue, 18 Aug 2020 11:02:15 +0000 (11:02 +0000)]
Merge changes from topic "soc-id" into integration
* changes:
plat/arm: juno: Implement methods to retrieve soc-id information
plat/arm: fvp: Implement methods to retrieve soc-id information
plat/arm: remove common code for soc-id feature
runtime_exceptions: Update AT speculative workaround
As per latest mailing communication [1], we decided to
update AT speculative workaround implementation in order to
disable page table walk for lower ELs(EL1 or EL0) immediately
after context switching to EL3 from lower ELs.
Previous implementation of AT speculative workaround is available
here: 45aecff00
AT speculative workaround is updated as below:
1. Avoid saving and restoring of SCTLR and TCR registers for EL1
in context save and restore routine respectively.
2. On EL3 entry, save SCTLR and TCR registers for EL1.
3. On EL3 entry, update EL1 system registers to disable stage 1
page table walk for lower ELs (EL1 and EL0) and enable EL1
MMU.
4. On EL3 exit, restore SCTLR and TCR registers for EL1 which
are saved in step 2.
el3_runtime: Rearrange context offset of EL1 sys registers
SCTLR and TCR registers of EL1 plays role in enabling/disabling of
page table walk for lower ELs (EL0 and EL1).
Hence re-arranged EL1 context offsets to have SCTLR and TCR registers
values one after another in the stack so that these registers values
can be saved and restored using stp and ldp instruction respectively.
Change-Id: Iaa28fd9eba82a60932b6b6d85ec8857a9acd5f8b Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Also, changes are done to enable common macro 'ERRATA_SPECULATIVE_AT'
if AT speculative errata workaround is enabled for any of the above
CPUs using 'ERRATA_*' CPU specific build macro.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I3e6a5316a2564071f3920c3ce9ae9a29adbe435b
In case of AT speculative workaround applied, page table walk
is disabled for lower ELs (EL1 and EL0) in EL3.
Hence added a wrapper function which temporarily enables page
table walk to execute AT instruction for lower ELs and then
disables page table walk.
Execute AT instructions directly for lower ELs (EL1 and EL0)
assuming page table walk is enabled always when AT speculative
workaround is not applied.
Change-Id: I4ad4c0bcbb761448af257e9f72ae979473c0dde8 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
el3_runtime: Update context save and restore routines for EL1 and EL2
As per latest mailing communication [1], we decided
not to update SCTLR and TCR registers in EL1 and EL2 context
restore routine when AT speculative workaround is enabled
hence reverted the changes done as part of this commit: 45aecff00.
plat/arm: Use common build flag for using generic sp804 driver
SP804 TIMER is not platform specific, and current code base adds
multiple defines to use this driver. Like FVP_USE_SP804_TIMER and
FVP_VE_USE_SP804_TIMER.
This patch removes platform specific build flag and adds generic
flag `USE_SP804_TIMER` to be set to 1 by platform if needed.
Andre Przywara [Sun, 2 Aug 2020 23:25:21 +0000 (00:25 +0100)]
plat/allwinner: Only enable DRIVEVBUS if really needed
The DRIVEVBUS power rail of the AXP803 PMIC is mostly used to supply
the USB bus power on micro USB sockets, when used in host mode. As this
is a dynamic operation, and mostly we want micro USB sockets to act in
client mode initially, BL31 should not actually enable this power line.
However, on some boards DRIVEVBUS is used to supply power to normal
USB-A sockets. Failing to activate this line there results in
non-functional USB in U-Boot on those boards.
For that reason we were enabling DRIVEVBUS so far, as it did not seem to
cause any harm to the other boards. However it turns out that on the
Pinephone (and other systems with a battery), actually enabling DRIVEVBUS
unconditionally causes serious problems (reboot loop).
To accommodate both use cases, without reverting to a build time option,
check the default OTG configuration in the devicetree. For boards with
USB-A sockets this is set to "host", on boards with micro-B sockets to
"otg". Depending on this setting, we either enable DRIVEVBUS or leave it
alone.
This fixes TF-A on the Pinephone and potentially other battery powered
devices.
Change-Id: Iec0e07f218b2b4393bf4e05c3386261f8ed19e9f Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Sun, 2 Aug 2020 23:25:03 +0000 (00:25 +0100)]
plat/allwinner: Use common gicv2.mk
Compiling BL31 for the Allwinner platform now produces a message about
the deprecation of gic_common.c.
Follow the advice and use include gicv2.mk instead.
Collect all includes at the beginning of the file on the way.
Change-Id: Iee46e21a630bfa831d28059f09aa7b049eb554bb Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Manish Pandey [Fri, 14 Aug 2020 15:58:04 +0000 (15:58 +0000)]
Merge changes from topic "sp_dual_signing" into integration
* changes:
SPM: Add owner field to cactus secure partitions
SPM: Alter sp_gen.mk entry depending on owner of partition
plat/arm: enable support for Plat owned SPs
Ruari Phipps [Tue, 11 Aug 2020 14:28:03 +0000 (15:28 +0100)]
SPM: Add owner field to cactus secure partitions
For supporting dualroot CoT for Secure Partitions a new optional field
"owner" is introduced which will be used to sign the SP with
corresponding signing domain. To demonstrate its usage, this patch adds
owners to cactus Secure Partitions.
SPM: Alter sp_gen.mk entry depending on owner of partition
With recently introduced dualroot CoT for SPs where they are owned
either by SiP or by Platform. SiP owned SPs index starts at SP_PKG1_ID
while Plat owned SPs index starts at SP_PKG5_ID.
This patch modifies SP makefile generator script to take CoT as an
argument and if it is "dualroot" then generates SP_PKG in order
mentioned above, otherwise generates it sequentially.
projects / arm-tf.git / log