feat(stm32mp1): adaptations for STM32MP13 image header
The header must now include by default at least an extra padding
header, increasing the size of the header to 512 bytes (0x200).
This header will be placed at the end of SRAM3 by BootROM, letting
the whole SYSRAM to TF-A.
The boot context is now placed in SRAM2, hence this memory has to be
mapped in BL2 MMU. This mapping is done for all SRAMs in a 2MB area.
Yann Gautier [Wed, 12 Feb 2020 14:38:34 +0000 (15:38 +0100)]
feat(stm32mp1): add part numbers for STM32MP13
Add the new part numbers and adapt the functions that use them.
There is no package number in OTP as they all share the same GPIO
banks.
This part is then stubbed for STM32MP13.
Yann Gautier [Wed, 12 Feb 2020 08:36:23 +0000 (09:36 +0100)]
feat(stm32mp1): remove unsupported features on STM32MP13
* GPIO: On STM32MP13, there are no banks GPIOJ, GPIOK and GPIOZ.
* STM32MP13 is a single Cortex-A7 CPU: remove reset from MPU1
and reset from MCU traces
* There is no MCU on STM32MP13. Put MCU security management
under STM32MP15 flag.
* The authentication feature is not supported yet on STM32MP13,
put the code under SPM32MP15 flag.
* On STM32MP13, the monotonic counter is managed in ROM code, keep
the monotonic counter update just for STM32MP15.
* SYSCFG: put registers not present on STM32MP13 under STM32MP15
flag, as the code that manages them.
* PMIC: use ldo3 during DDR configuration only for STM32MP15
* Reset UART pins on USB boot is no more required.
Change-Id: Iceba59484a9bb02828fe7e99f3ecafe69c837bc7 Signed-off-by: Yann Gautier <yann.gautier@st.com> Signed-off-by: Gabriel Fernandez <gabriel.fernandez@st.com>
STM32MP13 is a variant of STM32MP1, with a single Cortex-A7, and no
Cortex-M4.
There is only one DDR port.
SP_min is not supported, only OP-TEE can be used as monitor.
STM32MP13 uses the header v2.0 format for stm32image generation
for BL2.
Nicolas Le Bayon [Mon, 18 Nov 2019 16:13:42 +0000 (17:13 +0100)]
feat(st): update stm32image tool for header v2
The stm32image tool is updated to manage new header v2.0 for BL2
images.
Add new structure for the header v2.0 management.
Adapt to keep compatibility with v1.0.
Add the header version major and minor in the command line
when executing the tool, as well as binary type (0x10 for BL2).
Bipin Ravi [Thu, 24 Feb 2022 05:45:50 +0000 (23:45 -0600)]
fix(security): apply SMCCC_ARCH_WORKAROUND_3 to A73/A75/A72/A57
This patch applies CVE-2022-23960 workarounds for Cortex-A75,
Cortex-A73, Cortex-A72 & Cortex-A57. This patch also implements
the new SMCCC_ARCH_WORKAROUND_3 and enables necessary discovery
hooks for Coxtex-A72, Cortex-A57, Cortex-A73 and Cortex-A75 to
enable discovery of this SMC via SMC_FEATURES. SMCCC_ARCH_WORKAROUND_3
is implemented for A57/A72 because some revisions are affected by both
CVE-2022-23960 and CVE-2017-5715 and this allows callers to replace
SMCCC_ARCH_WORKAROUND_1 calls with SMCCC_ARCH_WORKAROUND_3. For details
of SMCCC_ARCH_WORKAROUND_3, please refer SMCCCv1.4 specification.
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com> Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: Ifa6d9c7baa6764924638efe3c70468f98d60ed7c
In anticipation of Spectre BHB workaround mitigation patches, we
disable the RECLAIM_INIT_CODE for FVP platform. Since the spectre
BHB mitigation workarounds inevitably increase the size of the various
segments due to additional instructions and/or macros, these segments
cannot be fit in the existing memory layout designated for BL31 image.
The issue is specifically seen in complex build configs for FVP
platform. One such config has TBB with Dual CoT and test secure
payload dispatcher(TSPD) enabled. Even a small increase in individual
segment size in order of few bytes might lead to build fails due to
alignment requirements(PAGE_ALIGN to 4KB).
This is needed to workaround the following build failures observed
across multiple build configs:
aarch64-none-elf-ld.bfd: BL31 init has exceeded progbits limit.
aarch64-none-elf-ld.bfd: /work/workspace/workspace/tf-worker_ws_2/trusted_firmware/build/fvp/debug/bl31/bl31.elf section coherent_ram will not fit in region RAM
aarch64-none-elf-ld.bfd: BL31 image has exceeded its limit.
aarch64-none-elf-ld.bfd: region RAM overflowed by 4096 bytes
Merge changes from topic "revert-14286-uart_segregation-VURJFOWMTM" into integration
* changes:
Revert "feat(sgi): deviate from arm css common uart related defi..."
Revert "feat(sgi): route TF-A logs via secure uart"
Revert "feat(sgi): add page table translation entry for secure uart"
Revert "feat(sgi): deviate from arm css common uart related defi..."
Revert submission 14286-uart_segregation
Reason for revert: Need to wait for companion patches in CI and UEFI/Linux to be upstreamed.
Reverted Changes:
I8574b31d5:feat(sgi): add page table translation entry for se...
I8896ae05e:feat(sgi): route TF-A logs via secure uart
I39170848e:feat(sgi): deviate from arm css common uart relate...
Revert "feat(sgi): route TF-A logs via secure uart"
Revert submission 14286-uart_segregation
Reason for revert: Need to wait for companion patches in CI and UEFI/Linux to be upstreamed.
Reverted Changes:
I8574b31d5:feat(sgi): add page table translation entry for se...
I8896ae05e:feat(sgi): route TF-A logs via secure uart
I39170848e:feat(sgi): deviate from arm css common uart relate...
Revert "feat(sgi): add page table translation entry for secure uart"
Revert submission 14286-uart_segregation
Reason for revert: Need to wait for companion patches in CI and UEFI/Linux to be upstreamed.
Reverted Changes:
I8574b31d5:feat(sgi): add page table translation entry for se...
I8896ae05e:feat(sgi): route TF-A logs via secure uart
I39170848e:feat(sgi): deviate from arm css common uart relate...
Rex-BC Chen [Thu, 2 Dec 2021 06:03:44 +0000 (14:03 +0800)]
feat(mt8186): add DFD control in SiP service
DFD (Design for Debug) is a debugging tool, which scans flip-flops and
dumps to internal RAM on the WDT reset. After system reboots, those
values could be showed for debugging.
Bipin Ravi [Thu, 3 Feb 2022 05:03:28 +0000 (23:03 -0600)]
refactor(el3-runtime): change Cortex-A76 implementation of CVE-2018-3639
Re-factored the prior implementation of workaround for CVE-2018-3639
using branch and link instruction to save vector space to include the
workaround for CVE-2022-23960.
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: Ib3fe949583160429b5de8f0a4a8e623eb91d87d4
Merge changes from topic "uart_segregation" into integration
* changes:
feat(sgi): add page table translation entry for secure uart
feat(sgi): route TF-A logs via secure uart
feat(sgi): deviate from arm css common uart related definitions
fix(brcm): fix the build failure with mbedTLS config
Patch [1] introduces a mechanism to provide the platform
specified mbedTLS config file, but that result in build failure
for Broadcom platform.
This build failure is due to the absence of the mbedTLS configuration
file i.e. brcm_mbedtls_config.h in the TF-A source code repository.
"fatal error: brcm_mbedtls_config.h: No such file or directory"
This problem was resolved by removing the 'brcm_mbedtls_config.h' entry
from the broadcom platform makefile, allowing this platform to use
the default mbedtls_config.h file.
Rohit Mathew [Mon, 13 Dec 2021 15:40:25 +0000 (15:40 +0000)]
feat(sgi): route TF-A logs via secure uart
Route the boot, runtime and crash stage logs via secure UART port
instead of the existing use of non-secure UART. This aligns with the
security state the PE is in when logs are put out. In addition to this,
this allows consolidation of the UART related macros across all the
variants of the Neoverse reference design platforms.
Rohit Mathew [Mon, 13 Dec 2021 13:50:15 +0000 (13:50 +0000)]
feat(sgi): deviate from arm css common uart related definitions
The Neoverse reference design platforms will migrate to use different
set of secure and non-secure UART ports. This implies that the board
specific macros defined in the common Arm platform code will no longer
be usable for Neoverse reference design platforms.
In preparation for migrating to a different set of UART ports, add a
Neoverse reference design platform specific copy of the board
definitions. The value of these definitions will be changed in
subsequent patches.
The previous delegating/undelegating sequence was incorrect as per the
specification DDI0615, "Architecture Reference Manual Supplement, The
Realm Management Extension (RME), for Armv9-A" Sections A1.1.1 and
A1.1.2
Off topic:
- cleaning the gpt_is_gpi_valid and gpt_check_pass_overlap
Change-Id: Idb64d0a2e6204f1708951137062847938ab5e0ac Signed-off-by: Robert Wakim <robert.wakim@arm.com>
Merge changes I713f6e93,Iac4fbf4d,I43d02c77,Iadecd544,Ib31f9c4a, ... into integration
* changes:
build(intel): enable access to on-chip ram in BL31 for N5X
fix(intel): make FPGA memory configurations platform specific
fix(intel): fix ECC Double Bit Error handling
build(intel): define a macro for SIMICS build
build(intel): add N5X as a new Intel platform
build(intel): initial commit for crypto driver
Olivier Deprez [Tue, 25 May 2021 09:56:01 +0000 (11:56 +0200)]
fix(fvp): op-tee sp manifest doesn't map gicd
Following I2d274fa897171807e39b0ce9c8a28824ff424534:
Remove GICD registers S2 mapping from OP-TEE partition when it runs in a
secure partition on top of Hafnium.
The partition is not meant to access the GIC directly but use the
Hafnium provided interfaces.
Michal Simek [Wed, 9 Mar 2022 07:53:20 +0000 (08:53 +0100)]
fix(xilinx): fix coding style violations
Fix coding style violations and alignments:
- Remove additional newlines in headers
- Remove additional newlines in code
- Add newline to separate variable from the code
- Use the same indentation in platform.mk
- Align function parameters
- Use tabs for indentation in kernel-doc format
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Change-Id: I0b12804ff63bc19778e8f21041f9accba5b488b9
Boon Khai Ng [Fri, 21 May 2021 14:56:37 +0000 (22:56 +0800)]
build(intel): enable access to on-chip ram in BL31 for N5X
This adds the ncore ccu access and enable access to the
on-chip ram for N5X device in BL31.
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com> Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I713f6e93d33b6e91705547477ca32cfba5c8c13d
Sieu Mun Tang [Mon, 28 Feb 2022 07:24:59 +0000 (15:24 +0800)]
fix(intel): make FPGA memory configurations platform specific
Define FPGA_CONFIG_SIZE and FPGA_CONFIG_ADDR in
platform-specific header. This is due to different
allocated sizes between platforms.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com> Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Iac4fbf4d4940cdf31834a9d4332f9292870dee76
Sieu Mun Tang [Mon, 7 Mar 2022 04:13:04 +0000 (12:13 +0800)]
fix(intel): fix ECC Double Bit Error handling
SError and Abort are handled in Linux (EL1) instead of
EL3. This patch adds some functionality that complements the
use cases by Linux as follows:
- Provide SMC for ECC DBE notification to EL3
- Determine type of reset needed and service the request in
place of Linux
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com> Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I43d02c77f28004a31770be53599a5a42de412211
SIMICS builds have different UART configurations compared
to hardware build. Hence, this patch defines a macro to
differentiate between both.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com> Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Iadecd5445e06611486ac3c6a214a6d0dc8ccd27b
Sieu Mun Tang [Mon, 7 Mar 2022 04:04:59 +0000 (12:04 +0800)]
build(intel): add N5X as a new Intel platform
This commit adds a new Intel platform called N5X.
This preliminary patch only have Bl31 support.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com> Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ib31f9c4a5a0dabdce81c1d5b0d4776188add7195
Sieu Mun Tang [Wed, 2 Mar 2022 03:04:09 +0000 (11:04 +0800)]
build(intel): initial commit for crypto driver
This patch adds driver for Intel FPGA's Crypto Services.
These services are provided by Intel platform
Secure Device Manager(SDM) and are made accessible by
processor components (ie ATF).
Below is the list of enabled features:
- Send SDM certificates
- Efuse provision data dump
- Encryption/decryption service
- Hardware IP random number generator
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com> Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: If7604cd1cacf27a38a9a29ec6b85b07385e1ea26
Cortex-A710 erratum 2282622 is a Cat B erratum that applies to revisions
r0p0, r1p0, and r2p0, and is fixed in r2p1. The workaround is to set
CPUACTLR2_EL1[0] to 1, which will force PLDW/PFRM ST to behave like
PLD/PRFM LD and not cause invalidations to other PE caches.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN1775101
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: Ic48409822536e9eacc003300036a1f0489593020
Merge changes I18d47384,Icc3c7424,I73f20d82,I07325644,Iff10ad26, ... into integration
* changes:
fix(zynqmp): query node status to power up APU
feat(zynqmp): pm_api_clock_get_num_clocks cleanup
feat(zynqmp): add feature check support
fix(zynqmp): use common interface for eemi apis
feat(zynqmp): add support to get info of xilfpga
feat(zynqmp): pass ioctl calls to firmware
Yann Gautier [Wed, 9 Feb 2022 16:35:45 +0000 (17:35 +0100)]
fix(st-pmic): add static const to pmic_ops
The static was found by sparse tool:
drivers/st/pmic/stm32mp_pmic.c:456:18: warning: symbol 'pmic_ops'
was not declared. Should it be static?
The const was also missing.
When the atf-handoff-params are updated we are returning
FSBL_HANDOFF_SUCCESS, but the return condition is wrongly
updated and added a error log which is incorrect.
Fixing the incorrect log message.
Yann Gautier [Wed, 2 Mar 2022 13:31:55 +0000 (14:31 +0100)]
refactor(st): configure UART baudrate
Add the possibility to configure console UART baudrate, it can be passed
as a command line parameter with STM32MP_UART_BAUDRATE. The default value
remains 115200.
Yann Gautier [Mon, 28 Feb 2022 17:28:06 +0000 (18:28 +0100)]
feat(st-uart): manage oversampling by 8
UART oversampling by 8 allows higher baud rates for UART. This is
required when (UART freq / baudrate) <= 16. In this case the OVER8 bit
needs to be enabled in CR1 register. And the BRR register management is
different:
USARTDIV = (2 * UART freq / baudrate) (with div round nearest)
BRR[15:4] = USARTDIV[15:4]
BRR[3] = 0
BRR[2:0] = USARTDIV[3:0] >> 1
Yann Gautier [Mon, 28 Feb 2022 16:29:49 +0000 (17:29 +0100)]
fix(st-uart): correctly fill BRR register
To get the nearest divisor for BRR register, we use:
Divisor = (Uart clock + (baudrate / 2)) / baudrate
But lsl was wrongly used instead of lsr to have the division by 2.
Yann Gautier [Fri, 4 Mar 2022 10:08:47 +0000 (11:08 +0100)]
fix(st-clock): initialize pllcfg table
The issue was found by Coverity:
CID 376582: (UNINIT)
Using uninitialized value "*pllcfg[_PLL4]" when calling
"stm32mp1_check_pll_conf".
CID 376582: (UNINIT)
Using uninitialized value "*pllcfg[_PLL3]" when calling
"stm32mp1_check_pll_conf".
Ronak Jain [Tue, 21 Dec 2021 09:39:59 +0000 (01:39 -0800)]
feat(zynqmp): add feature check support
This API returns version of supported APIs.
Here, there are three cases to check API version by using feature
check implementation.
1. Completely implemented in TF-A: I mean the EEMI APIs which are
completely implemented in the TF-A only. So check those IDs and
return appropriate version for the same. Right now, it is base
version.
2. Completely implemented in firmware: I mean the EEMI APIs which are
completely implemented in the firmware only. Here, TF-A only passes
Linux request to the firmware to get the version of supported API. So
check those IDs and send request to firmware to get the version and
return to Linux if the version is supported or return the error code
if the feature is not supported.
3. Partially implemented (Implemented in TF-A and firmware both):
First check dependent EEMI API version with the expected version in
the TF-A. If the dependent EEMI API is supported in firmware then
return its version and check with the expected version in the TF-A.
If the version matches then check for the actual requested EEMI API
version. If the version is supported then return version of API
implemented in TF-A.
Ronak Jain [Fri, 21 Jan 2022 07:11:18 +0000 (23:11 -0800)]
fix(zynqmp): use common interface for eemi apis
Currently all EEMI API has its own implementation in TF-A which is
redundant. Most EEMI API implementation in TF-A does same work. It
prepares payload received from kernel, sends payload to firmware,
receives response from firmware and send response back to kernel.
So use common interface for EEMI APIs which has similar functionality.
This will optimize TF-A code.
Rajan Vaja [Tue, 12 Oct 2021 10:30:09 +0000 (03:30 -0700)]
feat(zynqmp): pass ioctl calls to firmware
Firmware supports new IOCTL for different purposes. To avoid
maintaining new IOCTL IDs in ATF, pass IOCTL call to firmware
for IOCTL IDs implemented in firmware.
Signed-off-by: Rajan Vaja <rajan.vaja@xilinx.com> Signed-off-by: Ronak Jain <ronak.jain@xilinx.com>
Change-Id: Ie14697c8da9581b0f695f4d33f05161ece558385
refactor(mbedtls): allow platform to specify their config file
Common mbedTLS implementation include the fixed configuration
file of mbedTLS and that does not gives flexilibility to the
platform to include their own mbedTLS configuration.
Hence changes are done so that platform can include their own
mbedTLS configuration file.
Channa Kadabi [Mon, 28 Feb 2022 21:35:16 +0000 (13:35 -0800)]
fix(ufs): don't zero out buf before ufs read
ufs_read_blocks always zeros out the buffer before passing
to UFS for DMA. We don't need to zero out buf before reading
from UFS storage, this change remove the memset in ufs_read_blocks.
Yann Gautier [Mon, 28 Feb 2022 10:39:56 +0000 (11:39 +0100)]
fix(stm32mp1): fix enum prints
With gcc-11, the -Wformat-signedness warning complains about enum values
that should be printed as unsigned values. But the current version of
compiler used in CI states that this parameter is signed. Just cast the
value then.
Merge changes I75b3e3bf,I4cf9f1d9,I50d2ae74,Idbe62410,I84bbd06e, ... into integration
* changes:
fix(intel): null pointer handling for resp_len
fix(intel): define macros to handle buffer entries
fix(intel): change SMC return arguments for INTEL_SIP_SMC_MBOX_SEND_CMD
fix(intel): always set doorbell to SDM after sending command
fix(intel): fix bit masking issue in intel_secure_reg_update
fix(intel): fix ddr address range checker
build(changelog): add new scope for Intel platform
Yann Gautier [Mon, 28 Feb 2022 10:34:05 +0000 (11:34 +0100)]
fix(st-clock): print enums as unsigned
With gcc-11, the -Wformat-signedness warning complains about enum values
that should be printed as unsigned values. Change %d to %u for several
lines in the clock driver.
projects / arm-tf.git / log