Louis Mayencourt [Fri, 28 Feb 2020 16:57:30 +0000 (16:57 +0000)]
fconf: Clean Arm IO
Merge the previously introduced arm_fconf_io_storage into arm_io_storage. This
removes the duplicate io_policies and functions definition.
This patch:
- replace arm_io_storage.c with the content of arm_fconf_io_storage.c
- rename the USE_FCONF_BASED_IO option into ARM_IO_IN_DTB.
- use the ARM_IO_IN_DTB option to compile out io_policies moved in dtb.
- propagate DEFINES when parsing dts.
- use ARM_IO_IN_DTB to include or not uuid nodes in fw_config dtb.
- set the ARM_IO_IN_DTB to 0 by default for fvp. This ensure that the behavior
of fvp stays the same as it was before the introduction of fconf.
Change-Id: Ia774a96d1d3a2bccad29f7ce2e2b4c21b26c080e Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Mention COT build option in trusted-board-boot-build.rst
Since commit 3bff910dc16ad5ed97d470064b25481d3674732b ("Introduce COT
build option"), it is now possible to select a different Chain of Trust
than the TBBR-Client one.
Make a few adjustments in the documentation to reflect that. Also make
some minor improvements (fixing typos, better formatting, ...) along
the way.
The TBBR documentation has been written along with an early
implementation of the code. At that time, the range of supported
encryption and hash algorithms was failry limited. Since then, support
for other algorithms has been added in TF-A but the documentation has
not been updated.
Instead of listing them all, which would clutter this document while
still leaving it at risk of going stale in the future, remove specific
references to the original algorithms and point the reader at the
relevant comprehensive document for further details.
Chris Kay [Thu, 12 Mar 2020 13:50:26 +0000 (13:50 +0000)]
juno/sgm: Maximize space allocated to SCP_BL2
To accommodate the increasing size of the SCP_BL2 binary, the base
address of the memory region allocated to SCP_BL2 has been moved
downwards from its current (mostly) arbitrary address to the beginning
of the non-shared trusted SRAM.
Change-Id: I086a3765bf3ea88f45525223d765dc0dbad6b434 Signed-off-by: Chris Kay <chris.kay@arm.com>
Merge changes from topic "tegra-downstream-03102020" into integration
* changes:
Tegra210: Remove "unsupported func ID" error msg
Tegra210: support for secure physical timer
spd: tlkd: secure timer interrupt handler
Tegra: smmu: export handlers to read/write SMMU registers
Tegra: smmu: remove context save sequence
Tegra: bpmp: fixup TEGRA_CLK_SE values for Tegra186/Tegra194
Tegra194: memctrl: lock some more MC SID security configs
Tegra194: add SE support to generate SHA256 of TZRAM
Tegra194: store TZDRAM base/size to scratch registers
Tegra194: fix warnings for extra parentheses
The motivation behind this patch and following patches is to extract
information about the platform in runtime rather than depending on
compile time macros such as FVP_CLUSTER_COUNT. This partially enables
us to use a single binary for a family of platforms which all have
similar hardware capabilities but differ in configurations.
we populate the data structure describing the power domain hierarchy
of the platform dynamically by querying the number of clusters and cpus
using fconf getter APIs. Compile time macro such as FVP_CLUSTER_COUNT
is still needed as it determines the size of related data structures.
Note that the cpu-map node in HW_CONFIG dts represents a logical
hierarchy of power domains of CPU. However, in reality, the power
domains may not have been physically built in such hierarchy.
The platform sip is reporting a "unsupported function ID" if the
smc function id is not pmc command. When actually the smc function id
could be specific to the tegra sip handler.
This patch removes the error reported.
Varun Wadekar [Fri, 10 Aug 2018 16:55:25 +0000 (09:55 -0700)]
spd: tlkd: secure timer interrupt handler
This patch adds an interrupt handler for TLK. On receiving an
interrupt, the source of the interrupt is determined and the
interrupt is marked complete. The IRQ number is passed to
TLK along with a special SMC function ID. TLK issues an SMC
to notify completion of the interrupt handler in the S-EL1
world.
SMMU and MC registers are saved as part of the System Suspend sequence.
The register list includes some NS world SMMU registers that need to be
saved by NS world software instead. All that remains as a result are
the MC registers.
This patch moves code to MC file as a result and renames all the
variables and defines to use the MC prefix instead of SMMU. The
Tegra186 and Tegra194 platform ports are updated to provide the MC
context register list to the parent driver. The memory required for
context save is reduced due to removal of the SMMU registers.
Tegra194: memctrl: lock some more MC SID security configs
The platform code already contains the initial set of MC SID
security configs to be locked during boot. This patch adds some
more configs to the list. Since the reset value of these registers
is already as per expectations, there is no need to change it.
Tegra194: add SE support to generate SHA256 of TZRAM
The BL3-1 firmware code is stored in TZSRAM on Tegra194 platforms. This
memory loses power when we enter System Suspend and so its contents are
stored to TZDRAM, before entry. This opens up an attack vector where the
TZDRAM contents might be tampered with when we are in the System Suspend
mode. To mitigate this attack the SE engine calculates the hash of entire
TZSRAM and stores it in PMC scratch, before we copy data to TZDRAM. The
WB0 code will validate the TZDRAM and match the hash with the one in PMC
scratch.
This patch adds driver for the SE engine, with APIs to calculate the hash
and store to PMC scratch registers.
Tegra194: store TZDRAM base/size to scratch registers
This patch saves the TZDRAM base and size values to secure scratch
registers, for the WB0. The WB0 reads these values and uses them to
verify integrity of the TZDRAM aperture.
armclang displays warnings for extra parentheses, leading to
build failures as warnings are treated as errors.
This patch removes the extra parentheses to fix this issue.
fconf: Extract topology node properties from HW_CONFIG dtb
Create, register( and implicitly invoke) fconf_populate_topology()
function which extracts the topology related properties from dtb into
the newly created fconf based configuration structure 'soc_topology'.
Appropriate libfdt APIs are added to jmptbl.i file for use with USE_ROMLIB
build feature.
A new property which describes the power domain levels is added to the
HW_CONFIG device tree source files.
This patch also fixes a minor bug in the common device tree file
fvp-base-gicv3-psci-dynamiq-common.dtsi
As this file includes fvp-base-gicv3-psci-common.dtsi, it is necessary
to delete all previous cluster node definitons because DynamIQ based
models have upto 8 CPUs in each cluster. If not deleted, the final dts
would have an inaccurate description of SoC topology, i.e., cluster0
with 8 or more core nodes and cluster1 with 4 core nodes.
fconf: necessary modifications to support fconf in BL31 & SP_MIN
Necessary infrastructure added to integrate fconf framework in BL31 & SP_MIN.
Created few populator() functions which parse HW_CONFIG device tree
and registered them with fconf framework. Many of the changes are
only applicable for fvp platform.
This patch:
1. Adds necessary symbols and sections in BL31, SP_MIN linker script
2. Adds necessary memory map entry for translation in BL31, SP_MIN
3. Creates an abstraction layer for hardware configuration based on
fconf framework
4. Adds necessary changes to build flow (makefiles)
5. Minimal callback to read hw_config dtb for capturing properties
related to GIC(interrupt-controller node)
6. updates the fconf documentation
fconf: enhancements to firmware configuration framework
A populate() function essentially captures the value of a property,
defined by a platform, into a fconf related c structure. Such a
callback is usually platform specific and is associated to a specific
configuration source.
For example, a populate() function which captures the hardware topology
of the platform can only parse HW_CONFIG DTB. Hence each populator
function must be registered with a specific 'config_type' identifier.
It broadly represents a logical grouping of configuration properties
which is usually a device tree source file.
Example:
> TB_FW: properties related to trusted firmware such as IO policies,
base address of other DTBs, mbedtls heap info etc.
> HW_CONFIG: properties related to hardware configuration of the SoC
such as topology, GIC controller, PSCI hooks, CPU ID etc.
This patch modifies FCONF_REGISTER_POPULATOR macro and fconf_populate()
to register and invoke the appropriate callbacks selectively based on
configuration type.
Merge changes from topic "stm32mp1-multi-image" into integration
* changes:
stm32mp1: platform.mk: support generating multiple images in one build
stm32mp1: platform.mk: migrate to implicit rules
stm32mp1: platform.mk: derive map file name from target name
stm32mp1: platform.mk: generate linker script with fixed name
stm32mp1: platform.mk: use PHONY for the appropriate targets
* changes:
Factor xlat_table sections in linker scripts out into a header file
xlat_tables_v2: use ARRAY_SIZE in REGISTER_XLAT_CONTEXT_FULL_SPEC
xlat_tables_v2: merge REGISTER_XLAT_CONTEXT_{FULL_SPEC,RO_BASE_TABLE}
Masahiro Yamada [Mon, 9 Mar 2020 08:39:48 +0000 (17:39 +0900)]
Factor xlat_table sections in linker scripts out into a header file
TF-A has so many linker scripts, at least one linker script for each BL
image, and some platforms have their own ones. They duplicate quite
similar code (and comments).
When we add some changes to linker scripts, we end up with touching
so many files. This is not nice in the maintainability perspective.
When you look at Linux kernel, the common code is macrofied in
include/asm-generic/vmlinux.lds.h, which is included from each arch
linker script, arch/*/kernel/vmlinux.lds.S
TF-A can follow this approach. Let's factor out the common code into
include/common/bl_common.ld.h
As a start point, this commit factors out the xlat_table section.
Mark Dykes [Tue, 10 Mar 2020 18:34:56 +0000 (18:34 +0000)]
Merge changes from topic "sb/dualroot" into integration
* changes:
plat/arm: Pass cookie argument down to arm_get_rotpk_info()
plat/arm: Add support for dualroot CoT
plat/arm: Provide some PROTK files for development
Alexei Fedorov [Fri, 21 Feb 2020 10:17:26 +0000 (10:17 +0000)]
TF-A GICv3 driver: Separate GICD and GICR accessor functions
This patch provides separation of GICD, GICR accessor
functions and adds new macros for GICv3 registers access
as a preparation for GICv3.1 and GICv4 support.
NOTE: Platforms need to modify to include both
'gicdv3_helpers.c' and 'gicrv3_helpers.c' instead of the
single helper file previously.
Olivier Deprez [Tue, 10 Mar 2020 08:28:21 +0000 (08:28 +0000)]
Merge changes from topic "tegra-downstream-02182020" into integration
* changes:
Tegra186: store TZDRAM base/size to scratch registers
Tegra186: add SE support to generate SHA256 of TZRAM
Tegra186: add support for bpmp_ipc driver
Tegra210: disable ERRATA_A57_829520
Tegra194: memctrl: add support for MIU4 and MIU5
Tegra194: memctrl: remove support to reconfigure MSS
Tegra: fiq_glue: remove bakery locks from interrupt handler
Tegra210: SE: add context save support
Tegra210: update the PMC blacklisted registers
Tegra: disable CPUACTLR access from lower exception levels
cpus: denver: fixup register used to store return address
Varun Wadekar [Thu, 28 Jun 2018 18:03:41 +0000 (11:03 -0700)]
Tegra186: store TZDRAM base/size to scratch registers
This patch saves the TZDRAM base and size values to secure scratch
registers, for the WB0. The WB0 reads these values and uses them to
verify integrity of the TZDRAM aperture.
Tegra186: add SE support to generate SHA256 of TZRAM
The BL3-1 firmware code is stored in TZSRAM on Tegra186 platforms. This
memory loses power when we enter System Suspend and so its contents are
stored to TZDRAM, before entry. This opens up an attack vector where the
TZDRAM contents might be tampered with when we are in the System Suspend
mode. To mitigate this attack the SE engine calculates the hash of entire
TZSRAM and stores it in PMC scratch, before we copy data to TZDRAM. The
WB0 code will validate the TZDRAM and match the hash with the one in PMC
scratch.
This patch adds driver for the SE engine, with APIs to calculate the hash
and store SE SHA256 hash-result to PMC scratch registers.
Tegra194: memctrl: remove support to reconfigure MSS
As bpmp-fw is running at the same time as ATF, and
the mss client reconfiguration sequence involves performing
a hot flush resets on bpmp, there is a chance that bpmp-fw is
trying to perform accesses while the hot flush is active.
Therefore, the mss client reconfigure has been moved to
System Suspend resume fw and bootloader, and it can be
removed from here.
Change-Id: I34019ad12abea9681f5e180af6bc86f2c4c6fc74 Signed-off-by: Stefan Kristiansson <stefank@nvidia.com>
Tegra: fiq_glue: remove bakery locks from interrupt handler
This patch removes usage of bakery_locks from the FIQ handler, as it
creates unnecessary dependency whenever the watchdog timer interrupt
fires. All operations inside the interrupt handler are 'reads', so
no need for serialization.
Tegra210B01 SoCs support atomic context save for the two SE
hardware engines. Tegra210 SoCs have support for only one SE
engine and support a software based save/restore mechanism
instead.
This patch updates the SE driver to make this change.
Varun Wadekar [Fri, 29 Jun 2018 20:34:51 +0000 (13:34 -0700)]
locks: bakery: add a DMB to the 'read_cache_op' macro
ARM has a weak memory ordering model. This means that without
explicit barriers, memory accesses can be observed differently
than program order. In this case, the cache invalidate instruction
can be observed after the subsequent read to address.
To solve this, a DMB instruction is required between the cache
invalidate and the read. This ensures that the cache invalidate
completes before all memory accesses in program order after the DMB.
This patch updates the 'read_cache_op' macro to issue a DMB after
the cache invalidate instruction to fix this anomaly.
Alexei Fedorov [Tue, 3 Mar 2020 13:31:58 +0000 (13:31 +0000)]
Fix crash dump for lower EL
This patch provides a fix for incorrect crash dump data for
lower EL when TF-A is built with HANDLE_EA_EL3_FIRST=1 option
which enables routing of External Aborts and SErrors to EL3.
Sumit Garg [Thu, 14 Nov 2019 12:04:56 +0000 (17:34 +0530)]
qemu: Support optional encryption of BL31 and BL32 images
Enable encryption IO layer to be stacked above FIP IO layer for optional
encryption of Bl31 and BL32 images in case ENCRYPT_BL31 or ENCRYPT_BL32
build flag is set.
Sumit Garg [Thu, 14 Nov 2019 11:03:45 +0000 (16:33 +0530)]
Makefile: Add support to optionally encrypt BL31 and BL32
Following build flags have been added to support optional firmware
encryption:
- FW_ENC_STATUS: Top level firmware's encryption numeric flag, values:
0: Encryption is done with Secret Symmetric Key (SSK) which is
common for a class of devices.
1: Encryption is done with Binding Secret Symmetric Key (BSSK) which
is unique per device.
- ENC_KEY: A 32-byte (256-bit) symmetric key in hex string format. It
could be SSK or BSSK depending on FW_ENC_STATUS flag.
- ENC_NONCE: A 12-byte (96-bit) encryption nonce or Initialization Vector
(IV) in hex string format.
- ENCRYPT_BL31: Binary flag to enable encryption of BL31 firmware.
- ENCRYPT_BL32: Binary flag to enable encryption of Secure BL32 payload.
Similar flags can be added to encrypt other firmwares as well depending
on use-cases.
Sumit Garg [Mon, 11 Nov 2019 13:16:36 +0000 (18:46 +0530)]
tools: Add firmware authenticated encryption tool
Add firmware authenticated encryption tool which utilizes OpenSSL
library to encrypt firmwares using a key provided via cmdline. Currently
this tool supports AES-GCM as an authenticated encryption algorithm.
Sumit Garg [Fri, 15 Nov 2019 10:04:55 +0000 (15:34 +0530)]
TBB: Add an IO abstraction layer to load encrypted firmwares
TBBR spec advocates for optional encryption of firmwares (see optional
requirement: R060_TBBR_FUNCTION). So add an IO abstaction layer to
support firmware decryption that can be stacked above any underlying IO/
packaging layer like FIP etc. It aims to provide a framework to load any
encrypted IO payload.
Also, add plat_get_enc_key_info() to be implemented in a platform
specific manner as handling of encryption key may vary from one platform
to another.
Add framework for autheticated decryption of data. Currently this
patch optionally imports mbedtls library as a backend if build option
"DECRYPTION_SUPPORT = aes_gcm" is set to perform authenticated decryption
using AES-GCM algorithm.
Manish Pandey [Tue, 3 Mar 2020 17:12:10 +0000 (17:12 +0000)]
driver/arm/css: minor bug fix
The cpu index was wrongly checked causing it to assert always.
Since this code path is exercised only during TF test "NODE_HW_STAT",
which queries Power state from SCP, this bug was not detected earlier.
Andre Przywara [Thu, 5 Mar 2020 13:56:56 +0000 (13:56 +0000)]
imx: console: Use CONSOLE_T_BASE for UART base address
Since commit ac71344e9eca we have the UART base address in the generic
console_t structure. For most platforms the platform-specific struct
console is gone, so we *must* use the embedded base address, since there
is no storage behind the generic console_t anymore.
Replace the usage of CONSOLE_T_DRVDATA with CONSOLE_T_BASE to fix this.
Change-Id: I6d2ab0bc2c845c71f98b9dd64d89eef3252f4591 Reported-by: Varun Wadekar <vwadekar@nvidia.com> Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Varun Wadekar [Wed, 4 Mar 2020 21:47:13 +0000 (13:47 -0800)]
Tegra: spe: use CONSOLE_T_BASE to save MMIO base address
Commit ac71344e9eca1f7d1e0ce4a67aca776470639b1c moved the base address
for the MMIO aperture of the console inside the console_t struct. As
a result, the driver should now save the MMIO base address to console_t
at offset marked by the CONSOLE_T_BASE macro.
This patch updates the SPE console driver to use the CONSOLE_T_BASE macro
to save/access the MMIO base address.
Manish Pandey [Tue, 25 Feb 2020 11:38:19 +0000 (11:38 +0000)]
SPMD: loading Secure Partition payloads
This patch implements loading of Secure Partition packages using
existing framework of loading other bl images.
The current framework uses a statically defined array to store all the
possible image types and at run time generates a link list and traverse
through it to load different images.
To load SPs, a new array of fixed size is introduced which will be
dynamically populated based on number of SPs available in the system
and it will be appended to the loadable images list.
Max Shvetsov [Tue, 25 Feb 2020 13:55:00 +0000 (13:55 +0000)]
SPMD: add command line parameter to run SPM at S-EL2 or S-EL1
Added SPMD_SPM_AT_SEL2 build command line parameter.
Set to 1 to run SPM at S-EL2.
Set to 0 to run SPM at S-EL1 (pre-v8.4 or S-EL2 is disabled).
Removed runtime EL from SPM core manifest.
Change-Id: Icb4f5ea4c800f266880db1d410d63fe27a1171c0 Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com> Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
Max Shvetsov [Fri, 24 Jan 2020 13:48:53 +0000 (13:48 +0000)]
SPMD: [tegra] rename el1_sys_regs structure to sys_regs
Renamed the structure according to a SPMD refactoring
introduced in <c585d07aa> since this structure is used
to service both EL1 and EL2 as opposed to serving only EL1.
Change-Id: I23b7c089e53f617157a4b4e6443acce50d85c3b5 Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
Max Shvetsov [Mon, 17 Feb 2020 16:15:47 +0000 (16:15 +0000)]
SPMD: Adds partially supported EL2 registers.
This patch adds EL2 registers that are supported up to ARMv8.6.
ARM_ARCH_MINOR has to specified to enable save/restore routine.
Note: Following registers are still not covered in save/restore.
* AMEVCNTVOFF0<n>_EL2
* AMEVCNTVOFF1<n>_EL2
* ICH_AP0R<n>_EL2
* ICH_AP1R<n>_EL2
* ICH_LR<n>_EL2
Change-Id: I4813f3243e56e21cb297b31ef549a4b38d4876e1 Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
Manish Pandey [Tue, 18 Feb 2020 13:08:14 +0000 (13:08 +0000)]
fvp: add Cactus/Ivy Secure Partition information
Add load address and UUID in fw config dts for Cactus and Ivy which are
example SP's in tf-test repository.
For prototype purpose these information is added manually but later on
it will be updated at compile time from SP layout file and SP manifests
provided by platform.
Leo Yan [Mon, 2 Mar 2020 14:15:08 +0000 (22:15 +0800)]
hikey960: Enable system power off callback
On Hikey960 if outputs GPIO176 low level, it can tell PMIC to power off
the whole board. To avoid resetting the board and stay off, it also
requires the SW2201's three switches 1/2/3 need to be all set to 0.
Since current code doesn't contain complete GPIO modules and misses to
support GPIO176. This patch adds all known GPIO modules and initialize
GPIO in BL31, and adds system power off callback to use GPIO176 for PMIC
power off operation.
Change-Id: Ia88859b8b7c87c061420ef75f0de3e2768667bb0 Signed-off-by: Leo Yan <leo.yan@linaro.org>
doc: Fix variables names in TBBR CoT documentation
In commit 516beb585c23056820a854b12c77a6f62cbc5c8b ("TBB: apply TBBR naming
convention to certificates and extensions"), some of the variables used in the
TBBR chain of trust got renamed but the documentation did not get properly
updated everywhere to reflect these changes.
aarch32: stop speculative execution past exception returns
aarch32 CPUs speculatively execute instructions following a
ERET as if it was not a jump instruction. This could lead to
cache-based side channel vulnerabilities. The software fix is
to place barrier instructions following ERET.
projects / arm-tf.git / log