Ruari Phipps [Tue, 11 Aug 2020 14:28:03 +0000 (15:28 +0100)]
SPM: Add owner field to cactus secure partitions
For supporting dualroot CoT for Secure Partitions a new optional field
"owner" is introduced which will be used to sign the SP with
corresponding signing domain. To demonstrate its usage, this patch adds
owners to cactus Secure Partitions.
SPM: Alter sp_gen.mk entry depending on owner of partition
With recently introduced dualroot CoT for SPs where they are owned
either by SiP or by Platform. SiP owned SPs index starts at SP_PKG1_ID
while Plat owned SPs index starts at SP_PKG5_ID.
This patch modifies SP makefile generator script to take CoT as an
argument and if it is "dualroot" then generates SP_PKG in order
mentioned above, otherwise generates it sequentially.
For Arm platforms SPs are loaded by parsing tb_fw_config.dts and
adding them to SP structure sequentially, which in-turn is appended to
loadable image list.
With recently introduced dualroot CoT for SPs where they are owned
either by SiP or by Platform. SiP owned SPs index starts at SP_PKG1_ID
and Plat owned SPs index starts at SP_PKG5_ID. As the start index of SP
depends on the owner, there should be a mechanism to parse owner of a SP
and put it at the correct index in SP structure.
This patch adds support for parsing a new optional field "owner" and
based on it put SP details(UUID & Load-address) at the correct index in
SP structure.
dualroot: add chain of trust for Platform owned SPs
For dualroot CoT there are two sets of SP certificates, one owned by
Silicon Provider(SiP) and other owned by Platform. Each certificate can
have a maximum of 4 SPs.
This patch reduces the number of SiP owned SPs from 8 to 4 and adds
the remaining 4 to Plat owned SP.
Plat owned SP certificate is signed using Platform RoT key and
protected against anti-rollback using the Non-trusted Non-volatile
counter.
cert_create: add Platform owned secure partitions support
Add support to generate a certificate named "plat-sp-cert" for Secure
Partitions(SP) owned by Platform.
Earlier a single certificate file "sip-sp-cert" was generated which
contained hash of all 8 SPs, with this change SPs are divided into
two categories viz "SiP owned" and "Plat owned" containing 4 SPs each.
MISRA defect cleanup and general code cleanup in mem_region.c and
semihosting.c. This task also called for cleanup of the ARM NOR flash
driver but that was removed at some point since the Jira task was
created. This patch fixes all MISRA defects in these files except for a
few "Calling function "console_flush()" which returns error information
without testing the error information." errors which can't really be
avoided.
Peng Fan [Mon, 27 Jul 2020 13:22:14 +0000 (21:22 +0800)]
plat: imx: add sdei support for i.MX8MM
Add sdei support for i.MX8MM, this is to let jailhouse Hypervisor
could use SDEI to do hypervisor management, after physical IRQ
has been disabled routing.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Change-Id: I5fd697fee22df151e13d0f1335e8ac8a7bae6189
Grant Likely [Thu, 30 Jul 2020 07:50:10 +0000 (08:50 +0100)]
Use abspath to dereference $BUILD_BASE
If the user tries to change BUILD_BASE to put the build products outside
the build tree the compile will fail due to hard coded assumptions that
$BUILD_BASE is a relative path. Fix by using $(abspath $(BUILD_BASE))
to rationalize to an absolute path every time and remove the relative
path assumptions.
This patch also adds documentation that BUILD_BASE can be specified by
the user.
Signed-off-by: Grant Likely <grant.likely@arm.com> Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ib1af874de658484aaffc672f30029b852d2489c8
This patch fixes BL31 linker error
"relocation R_AARCH64_ABS32 against `a local symbol'
can not be used when making a shared object"
when Position Independent Executable (PIE) support
is enabled with ENABLE_PIE=1 build option.
Currently only single signing domain is supported for SP packages but
there is plan to support dual signing domains if CoT is dualroot.
SP_CONTENT_CERT_ID is the certificate file which is currently generated
and signed with trusted world key which in-turn is derived from Silicon
provider RoT key.
To allow dual signing domain for SP packages, other certificate file
will be derived from Platform owned RoT key.
This patch renames "SP_CONTENT_CERT_ID" to "SIP_SP_CONTENT_CERT_ID" and
does other related changes.
spm-mm: fix MISRA C-2012 Rule 2.3 spm_mm_boot_info_t defined but never used.
Following merge of patchset [1] the spm_mm_boot_info_t structure is
included in few platform files unconditionally even when SPM_MM option
is disabled.
Andre Przywara [Tue, 7 Jul 2020 09:40:46 +0000 (10:40 +0100)]
arm_fpga: Support uploading a custom command line
The command line for BL33 payloads is typically taken from the DTB. On
"normal" systems the bootloader will put the right version in there, but
we typically don't use one on the FPGAs.
To avoid editing (and possibly re-packaging) the DTB for every change in
the command line, try to read it from some "magic" memory location
instead. It can be easily placed there by the tool that uploads the
other payloads to the FPGA's memory. BL31 will then replace the existing
command line in the DTB with that new string.
To avoid reading garbage, check the memory location for containing a
magic value. This is conveniently chosen to be a simple ASCII string, so
it can just preceed the actual command line in a text file:
--------------------------------
CMD:console=ttyAMA0,38400n8 debug loglevel=8
--------------------------------
Change-Id: I5923a80332c9fac3b4afd1a6aaa321233d0f60da Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Makefile, doc: Make OPENSSL_DIR variable as build option for tools
Openssl directory path is hardcoded to '/usr' in the makefile
of certificate generation and firmware encryption tool using
'OPENSSL_DIR' variable.
Hence changes are done to make 'OPENSSL_DIR' variable as
a build option so that user can provide openssl directory
path while building the certificate generation and firmware
encryption tool.
Also, updated the document for this newly created build option
Change-Id: Ib1538370d2c59263417f5db3746d1087ee1c1339 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
The purpose of rx_training had changed after last update. Currently it
is not supposed to help with providing static parameters for porting
layer. Instead, it aims to suit the parameters per connection.
Change-Id: I2a146b71e2e20bd264c090a9a627d0b6bc56e052 Signed-off-by: Grzegorz Jaszczyk <jaz@semihalf.com>
CN-9130 has single CP0 inside the package and 2 additional one from MoChi
interface. In case of db-9130-modular board the MCI interface is routed to:
- on-board CP115 (MCI0)
- extension board CP115 (MCI1)
The board is based on DIMM DDR.
The 9130 has up to 3CP, and decoding windows looks like below:
Alex Evraev [Mon, 6 May 2019 10:15:07 +0000 (13:15 +0300)]
plat: marvell: t9130: add SVC support
As the preparation for adding the CN913x SoC family support
introduce code that enable SVC and the frequency handling
specific for the AP807 North Bridge.
Change-Id: Ibe34a511b49cd9671a2e53b77bdcfc644bb915e3 Signed-off-by: Alex Evraev <alexev@marvell.com>
Moti Buskila [Sun, 6 Oct 2019 13:36:27 +0000 (16:36 +0300)]
plat: marvell: armada: add support for twin-die combined memory device
the twin-die combined memory device should be treated as
X8 device and not as X16 one. This patch is required to
re-enable compilation after BLE (mv-ddr-marvell) firmware upgrade.
Change-Id: I41257ff2825164ebca85a84bbb8462d7b3447b97 Signed-off-by: Moti Buskila <motib@marvell.com> Signed-off-by: Marcin Wojtas <mw@semihalf.com>
Andre Przywara [Mon, 6 Jul 2020 05:49:41 +0000 (11:19 +0530)]
fdts: n1sdp: DTS file for single-chip and multi-chip environment.
N1SDP supports both single-chip and multi-chip environment.
Added DTS file for both type of environment.
Enabled DTS files compilation for N1SDP platform.
This patch fixes violation of Rules 2.1, 7.3, 10.1,
10.4, 12.1, 14.3, 14.4, 17.7, 20.9 reported by
MISRA-2012 scan and adds braces for conditional
statements according to the TF-A coding style.
The link to the exception handling framework page on the System Design /
Firmware Design / Section 4.3 just links to itself, so I changed it to
link to the exception handling framework component document.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I6711b423a789b2b3d1921671e8497fffa8ba33d1
This patch fixes defects 10.3, 10.4, 10.7, 20.7
reported by MISRA-2012 scan and adds braces for
conditional statements according to the TF-A
coding style.
SMCCC: Introduce function to check SMCCC function availability
Currently, 'SMCCC_ARCH_FEATURES' SMC call handler unconditionally
returns 'SMC_OK' for 'SMCCC_ARCH_SOC_ID' function. This seems to
be not correct for the platform which doesn't implement soc-id
functionality i.e. functions to retrieve both soc-version and
soc-revision.
Hence introduced a platform function which will check whether SMCCC
feature is available for the platform.
Also, updated porting guide for the newly added platform function.
Change-Id: I389f0ef6b0837bb24c712aa995b7176117bc7961 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
SPM(BL32) and hafnium(BL33) expect their manifest base address in x0
register, which is updated during BL2 stage by parsing fw_config.
In case of RESET_TO_BL31 it has to be updated while populating
entry point information.
As secondary cores show up, they populate an array to
announce themselves so plat_core_pos_by_mpidr() can
return an invalid COREID code for any non-existing
MPIDR that it is queried about.
The Power Domain Tree Description is populated with
a topology based on the maximum harcoded values.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I8fd64761a2296714ce0f37c46544f3e6f13b5f61
This errata workaround did not work as intended so we are reverting this
change. In the future, when the corrected workaround is published in an
SDEN, we will push a new workaround.
This is the patch being reverted:
https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4750
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I20aa064c1bac9671939e657bec269d32b9e75a97
Merge changes from topic "tf-cleanup" into integration
* changes:
plat/arm: Move fconf population after the enablement of MMU
lib/fconf: Update 'set_fw_config_info' function
lib/fconf: Update data type of config max size
plat/arm: Check the need for firmware update only once
plat/arm: sgm: Use consistent name for tb fw config node
plat/arm: Move fconf population after the enablement of MMU
In BL2, fw_config's population happened before the cache gets
enabled.
Hence to boost the performance, moved fw_config's population
after cache gets enabled (i.e. after MMU gets enabled).
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I2e75cabd76b1cb7a660f6b72f409ab40d2877284
Updated the function 'set_fw_config_info' to make it generic
by doing below changes:
1. Rename function name from 'set_fw_config_info' to 'set_config_info'
2. Take image_id as an argument so that this function can set any
config information.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Icf29e19d3e9996d8154d84dbbbc76712fab0f0c1
plat/arm: Check the need for firmware update only once
Currently, the need for firmware update is being checked twice
in the code hence modifications are done to do this check only
once and set the global variable.
Then this global variable helps to decide whether to go for
normal boot or firmware update flow.
Change-Id: I8469284555a8039786f34670f9dc4830f87aecc1 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Merge changes from topics "af/add_measured_boot_bl1_bl2", "af/add_measured_boot_driver", "af/add_measured_boot_driver_support", "af/add_measured_boot_fconf", "af/add_measured_boot_fvp" into integration
* changes:
plat/arm/board/fvp: Add support for Measured Boot
TF-A: Add support for Measured Boot driver to FCONF
TF-A: Add support for Measured Boot driver in BL1 and BL2
TF-A: Add Event Log for Measured Boot
TF-A: Add support for Measured Boot driver
This patch adds support for Measured Boot functionality
to FVP platform code. It also defines new properties
in 'tpm_event_log' node to store Event Log address and
it size
'tpm_event_log_sm_addr'
'tpm_event_log_addr'
'tpm_event_log_size'
in 'event_log.dtsi' included in 'fvp_tsp_fw_config.dts'
and 'fvp_nt_fw_config.dts'. The node and its properties
are described in binding document
'docs\components\measured_boot\event_log.rst'.
Former EL3 Secure Partition Manager using MM protocol is renamed
Secure Partition Manager (MM).
A new Secure Partition Manager document covers TF-A support for the
PSA FF-A compliant implementation.
plat/arm/rddanielxlr: add platform function to return ROTPK
TBBR authentication framework depends on the plat_get_rotpk_info()
function to return the pointer to the Root of Trust Public Key (ROTPK)
stored in the platform along with its length. Add this function for
RD-Daniel Config-XLR platform to support Trusted Board Boot. The
function makes use of the wrapper function provided by the arm common
trusted board boot function to get the ROTPK hash.
plat/arm/rddaniel: add platform function to return ROTPK
TBBR authentication framework depends on the plat_get_rotpk_info()
function to return the pointer to the Root of Trust Public Key (ROTPK)
stored in the platform along with its length. Add this function for
RD-Daniel platform to support Trusted Board Boot. The function makes use
of the wrapper function provided by the arm common trusted board boot
function to get the ROTPK hash.
projects / arm-tf.git / log