Set OCRAM as secure region and required privileged access in BL31 to
prevent software running in normal world (non-secure) accessing memory
region in OCRAM which may contain sensitive information (e.g. FSBL,
handoff data)
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: Ib6b24efd69f49cd3f9aa4ef2ea9f1af5ce582bd6 Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
feat(intel): create source file for firewall configuration
Move codes that previously were part of system_manager driver into
firewall driver which are more appropriate based on their functionalities.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: I35e9d792f35ee7491c2f306781417a0c8faae3fd Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Refactor NOC header to be shareable across both Stratix 10 and Agilex
platforms. This patch also removes redundant NOC declarations in system
manager header file.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: I6348b67a8b54c2ad19327d6b8c25ae37d25e4b4a Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Merge changes Ibe6fd206,Icdca3de6,I72016620,I57a2787c into integration
* changes:
fix(versal): fix coverity scan warnings
feat(versal): get version for ATF related EEMI APIs
feat(versal): enhance PM_IOCTL EEMI API to support additional arg
feat(versal): add common interfaces to handle EEMI commands
Ronak Jain [Fri, 4 Feb 2022 08:42:55 +0000 (00:42 -0800)]
feat(versal): get version for ATF related EEMI APIs
The patch does below things.
1. As per current implementation, when Linux send a request to ATF to
get the version of APIs which are implemented in ATF then ATF wasn't
returning any version because there is a check for LIBPM module id.
The ATF is used to return version for the APIs which are implemented
in the firmware only.
Hence moved this switch-case before checking module id to get ATF
version.
Also, no need to pass Linux request to the firmware for the APIs
which are implemented in ATF instead return success after updating
version.
2. As per current implementation, higher 16-bit is used for ATF
version and lower 16-bit is used for firmware version. Now, removed
16-bit shift operation and send complete word i.e. 32-bit to Linux
user as there is no user who checks ATF version.
3. Add bit mask support in the feature check PM EEMI API for QUERY and
IOCTL ids.
Change-Id: Icdca3de6659f3b673b81a423ed79a3c20b678768 Signed-off-by: Ronak Jain <ronak.jain@xilinx.com> Signed-off-by: Tanmay Shah <tanmay.shah@xilinx.com>
feat(versal): enhance PM_IOCTL EEMI API to support additional arg
Currently, SMC handler is limited to parsing 5 arguments (1 API ID + 4
32-bit command args). Extend this handling to support one more 32-bit
command argument which is necessary to support new IOCTL IDs for
secure read/write interface.
Note that, this change is completely transparent and does not affect
existing functionality of any of the EEMI APIs.
Tanmay Shah [Mon, 9 Aug 2021 18:00:41 +0000 (11:00 -0700)]
feat(versal): add common interfaces to handle EEMI commands
This change adds common interfaces to handle commands from firmware driver
to power management controller. It removes big chunk of source line of code
that was handling each command separately and doing same repetitive work.
EEMI - Embedded Energy Management Interface is Xilinx proprietary
protocol to allow communication between power management controller
and different processing clusters.
As of now, Each EEMI command has its own implementation in TF-A.
This is redundant. Essentially most EEMI command implementation
in TF-A does same work. It prepares payload received from kernel, sends
payload to firmware, receives response from firmware and send response
back to kernel.
The same functionality can be achieved if common interface is used among
multiple EEMI commands. This change divides platform management related
SMCCC requests into 4 categories.
1) EEMI commands required for backward compatibility.
Some EEMI commands are still required for backward compatibility
until removed completely or its use is changed to accommodate
common interface
2) EEMI commands that require for PSCI interface and accessed from debugfs
For example EEMI calls related to CPU suspend/resume
3) TF-A specific requests
Functionality such as getting TF-A version and getting callback
data for platform management is handled by this interface
4) Common interface for rest of EEMI commands
This handlers performs payload and firmware response transaction job for
rest of EEMI commands. Also it parses module ID from SMC payload and inserts
in IPI request. If not module ID is found, then default is LIBPM_MODULE_ID.
This helps in making common path in TF-A for all the modules in PLM firmware
Change-Id: I57a2787c7fff9f2e1d1f9003b3daab092632d57e Signed-off-by: Tanmay Shah <tanmay.shah@xilinx.com>
Upgrade to the latest and greatest 2.x release of Mbed TLS library
(i.e. v2.28.0) to take advantage of their bug fixes.
Note that the Mbed TLS project published version 3.x some time
ago. However, as this is a major release with API breakages, upgrading
to 3.x might require some more involved changes in TF-A, which we are
not ready to do. We shall upgrade to mbed TLS 3.x after the v2.7
release of TF-A.
Upgrade to the latest and greatest 2.x release of Mbed TLS library
(i.e. v2.28.0) to take advantage of their bug fixes.
Note that the Mbed TLS project published version 3.x some time
ago. However, as this is a major release with API breakages, upgrading
to 3.x might require some more involved changes in TF-A, which we are
not ready to do. We shall upgrade to mbed TLS 3.x after the v2.7
release of TF-A.
Actually, the upgrade this time simply boils down to including the new
source code module 'constant_time.c' into the firmware.
To quote mbed TLS v2.28.0 release notes [1]:
The mbedcrypto library includes a new source code module
constant_time.c, containing various functions meant to resist timing
side channel attacks. This module does not have a separate
configuration option, and functions from this module will be
included in the build as required.
As a matter of fact, if one is attempting to link TF-A against mbed
TLS v2.28.0 without the present patch, one gets some linker errors
due to missing symbols from this new module.
Apart from this, none of the items listed in mbed TLS release
notes [1] directly affect TF-A. Special note on the following one:
Fix a bug in mbedtls_gcm_starts() when the bit length of the iv
exceeds 2^32.
In TF-A, we do use mbedtls_gcm_starts() when the firmware decryption
feature is enabled with AES-GCM as the authenticated decryption
algorithm (DECRYPTION_SUPPORT=aes_gcm). However, the iv_len variable
which gets passed to mbedtls_gcm_starts() is an unsigned int, i.e. a
32-bit value which by definition is always less than 2**32. Therefore,
we are immune to this bug.
With this upgrade, the size of BL1 and BL2 binaries does not appear to
change on a standard sample test build (with trusted boot and measured
boot enabled).
However, this page is now deprecated, as indicated by the banner at
the top of the page. When navigating to the new recommended page, one
can see the following note, which provides the rationale for the
deprecation:
GNU Toolchain releases from Arm were published previously as two
separate releases - one for A-profile and the other for R & M
profiles (GNU Toolchain for A-profile processors and GNU Arm
Embedded Toolchain).
Arm GNU Toolchain releases unifies these two into a single release
and the previous way of releases therefore have been
discontinued. However, the previous releases will continue to be
available for reference.
This patch updates the link to the new recommended place for compiler
downloads.
Merge changes from topic "ffa_el3_spmc" into integration
* changes:
feat(spmc): add support for direct req/resp
feat(spmc): add support for handling FFA_ERROR ABI
feat(spmc): add support for FFA_MSG_WAIT
feat(spmc): add function to determine the return path from the SPMC
feat(spmd): enable handling of FF-A SMCs with the SPMC at EL3
feat(spmd): update SPMC init flow to use EL3 implementation
feat(spmc): add FF-A secure partition manager core
feat(spmc): prevent read only xlat tables with the EL3 SPMC
feat(spmc): enable building of the SPMC at EL3
refactor(spm_mm): reorganize secure partition manager code
With the transition to mailman3, the URLs of TF-A and TF-A Tests
mailing lists have changed. However, we still refer to the old
location, which are now dead links.
Update all relevant links throughout the documentation.
There is one link referring to a specific thread on the TF-A mailing
list in the SPM documentation, for which I had to make a guess as to
what's the equivalent mailman3 URL. The old URL scheme indicates that
the thread dates from February 2020 but beyond that, I could not make
sense of the thread id within the old URL so I picked the most likely
match amongst the 3 emails posted on the subject in this time period.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com> Reported-by: Kuohong Wang <kuohong.wang@mediatek.com>
Change-Id: I83f4843afd1dd46f885df225931d8458152dbb58
Marc Bonnici [Fri, 10 Dec 2021 09:21:56 +0000 (09:21 +0000)]
feat(spmc): add support for handling FFA_ERROR ABI
This ABI is only valid during SP initialisation to indicate
failure. If this occurs during SP initialisation signal a failure,
otherwise respond with a not supported error code.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I0182a1641c0f6850e82173af333be79b594f2318
Marc Bonnici [Mon, 29 Nov 2021 17:05:33 +0000 (17:05 +0000)]
feat(spmc): add support for FFA_MSG_WAIT
Handle an incoming call of FFA_MSG_WAIT from the secure world
and update the runtime state of the calling partition accordingly.
This ABI can be called in the following scenarios:
- Used by an SP to signal it has finished initializing.
- To resume the normal world after handling a secure interrupt
that interrupted the normal world.
- To relinquish control back to the normal world.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I929713a2280e8ec291b5b4e8f6d4b49df337228c
Marc Bonnici [Mon, 29 Nov 2021 17:17:29 +0000 (17:17 +0000)]
feat(spmc): add function to determine the return path from the SPMC
Use knowledge of the target partition ID and source security state
to determine which route should be used to exit the SPMC.
There are 3 exit paths:
1) Return to the normal world via the SPMD, this will take care of
switching contexts if required.
2) Return to the secure world when the call originated in the normal
world and therefore switch contexts.
3) Return to the secure world when the call originated in the secure
world, therefore we can return directly.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I4037f3a8a8519e2c9f1876be92806d2c41d0d154
Marc Bonnici [Mon, 29 Nov 2021 18:02:45 +0000 (18:02 +0000)]
feat(spmd): enable handling of FF-A SMCs with the SPMC at EL3
Any FF-A SMC that arrives from the normal world is handled by the
SPMD before being forwarded to the SPMC. Similarly any SMC
arriving from the secure world will hit the SPMC first and be
forwarded to the SPMD if required, otherwise the SPMC will
respond directly.
This allows for the existing flow of handling FF-A ABI's when
the SPMC resides at a lower EL to be preserved.
In order to facilitate this flow the spmd_smc_forward function
has been split and control is either passed to the SPMC or it is
forwarded as before. To allow this the flags and cookie parameters
must now also be passed into this method as the SPMC must be able to
provide these when calling back into the SPMD handler as appropriate.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I84fee8390023295b9689067e14cd25cba23ca39b
Marc Bonnici [Mon, 29 Nov 2021 17:57:03 +0000 (17:57 +0000)]
feat(spmd): update SPMC init flow to use EL3 implementation
Allow the SPMD to initialise an SPMC implementation at EL3 directly
rather than at a lower EL.
This includes removing the requirement to parse an SPMC manifest to
obtain information about the SPMC implementation, in this case since the
SPMD and SPMC reside in the same EL we can hardcode the required
information directly.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I66d1e1b3ec2d0abbfc28b011a32445ee890a331d
This patch introduces the core support for enabling an SPMC in EL3
as per the FF-A spec.
The current implemented functionality is targeted to enable
initialization of the SPMC itself and initial support for
bringing up a single S-EL1 SP.
This includes initialization of the SPMC's internal state,
parsing of an SP's manifest, preparing the cpu contexts and
appropriate system registers for the Secure Partition.
The spmc_smc_handler is the main handler for all incoming SMCs
to the SPMC, FF-A ABI handlers and functionality will
be implemented in subsequent patches.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: Ib33c240b91e54cbd018a69fec880d02adfbe12b9
Merge changes from topic "st_nvmem_layout" into integration
* changes:
refactor(stm32mp1-fdts): remove nvmem_layout node
refactor(stm32mp1): drop the "st,stm32-nvmem-layout" node
refactor(st): remove useless includes
The current implementation uses plat_arm API under generic code.
"plat_arm" API is a convention used with Arm common platform layer
and is reserved for that purpose. In addition, the function has a
weak definition which is not encouraged in TF-A.
Henceforth, removing the weak API with a configurable macro "TWED_DELAY"
of numeric data type in generic code and simplifying the implementation.
By default "TWED_DELAY" is defined to zero, and the delay value need to
be explicitly set by the platforms during buildtime.
feat(spmc): prevent read only xlat tables with the EL3 SPMC
If using the EL3 SPMC ensure that we don't mark the translation
tables as read only. The SPMC requires the ability to map and
unmap a partitions RX/TX buffers at runtime.
Signed-off-by: Sayanta Pattanayak <sayanta.pattanayak@arm.com> Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: Ibb78a6a2e3847ce4ec74ce81a9bb61ce34fec24c
Marc Bonnici [Wed, 1 Dec 2021 18:00:40 +0000 (18:00 +0000)]
feat(spmc): enable building of the SPMC at EL3
Introduce build flag for enabling the secure partition
manager core, SPMC_AT_EL3. When enabled, the SPMC module
will be included into the BL31 image. By default the
flag is disabled.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I5ea1b953e5880a07ffc91c4dea876a375850cf2a
Zelalem Aweke [Mon, 31 Jan 2022 22:59:42 +0000 (16:59 -0600)]
refactor(context mgmt): add cm_prepare_el3_exit_ns function
As part of the RFC:
https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/13651,
this patch adds the 'cm_prepare_el3_exit_ns' function. The function is
a wrapper to 'cm_prepare_el3_exit' function for Non-secure state.
When EL2 sysregs context exists (CTX_INCLUDE_EL2_REGS is
enabled) EL1 and EL2 sysreg values are restored from the context
instead of directly updating the registers.
Zelalem Aweke [Wed, 2 Feb 2022 21:29:13 +0000 (15:29 -0600)]
refactor(mpam): remove initialization of EL2 registers when EL2 is used
The patch removes initialization of MPAM EL2 registers when an EL2
software exists. The patch assumes the EL2 software will perform
the necessary initializations of the registers.
Zelalem Aweke [Wed, 5 Jan 2022 23:12:24 +0000 (17:12 -0600)]
refactor(context mgmt): refactor the cm_setup_context function
This patch splits the function 'cm_setup_context' into four
functions to make it more readable and easier to maintain.
The function is split into the following functions based on
the security state of the context.
- setup_context_common - performs common initializations
- setup_secure_context - performs Secure state specific
initializations
- setup_realm_context - performs Realm state specific
initializations
- setup_ns_context - performs Non-secure state specific
initializations
Zelalem Aweke [Wed, 3 Nov 2021 18:31:53 +0000 (13:31 -0500)]
refactor(context mgmt): remove registers accessible only from secure state from EL2 context
The following registers are only accessible from secure state,
therefore don't need to be saved/restored during world switch.
- SDER32_EL2
- VSTCR_EL2
- VSTTBR_EL2
This patch removes these registers from EL2 context.
Bipin Ravi [Tue, 8 Mar 2022 16:37:43 +0000 (10:37 -0600)]
fix(errata): workaround for Cortex-X2 erratum 2147715
Cortex-X2 erratum 2147715 is a Cat B erratum that applies to revision
r2p0 and is fixed in r2p1. The workaround is to set CPUACTLR_EL1[22]=1,
which will cause the CFP instruction to invalidate all branch predictor
resources regardless of context.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN1775100/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I2d81867486d9130f2c36cd4554ca9a8f37254b57
The reported function raises a error when compilers assert the flag
`-Warray-parameter=`, signaling that an array-type argument was promoted
to a pointer-type argument. We observed this behaviour with the gcc 11.2
version.
plat/xilinx/common/pm_service/pm_ipi.c:263:34: error: argument 1 of type 'uint32_t *'
{aka 'unsigned int *'} declared as a pointer [-Werror=array-parameter=]
263 | uint32_t calculate_crc(uint32_t *payload, uint32_t bufsize)
| ~~~~~~~~~~^~~~~~~
In file included from plat/xilinx/common/pm_service/pm_ipi.c:16:
plat/xilinx/common/include/pm_ipi.h:30:33: note: previously declared as an array 'uint32_t[8]'
{aka 'unsigned int[8]'}
30 | uint32_t calculate_crc(uint32_t payload[PAYLOAD_ARG_CNT], uint32_t buffersize);
| ~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
cc1.real: all warnings being treated as errors
is_lock_acquired() function is only used in assert() statements, so when
compiling without asserts, e.g. with DEBUG=0, the function is unused.
this is okay when compiling with gcc because the function is marked as
inline but that doesn't work for clang. let's mark this as __unused to
avoid -Wunused-function warning-as-error.
In preparation for adding the EL3 SPMC configuration as defined in
the FF-A specification, restructure the existing SPM_MM code.
With this restructuring of the code, the 'spm_mm' directory is
renamed as 'spm' and the code inside has been split into two
sub-directories named 'common' and 'spm_mm'. The code in 'spm_mm'
directory contains the code that implements the MM interface.
In subsequent patches, the 'spmc' directory will be introduced
under the 'spm' directory providing the code that implements
the 'FF-A' interface.
Currently the common functionality for S-EL1 partitions is
limited to assembler functions to enter and exit an SP
synchronously.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I37739b9b53bc68e151ab5c1c0c6a15b3ee362241
Merge changes I573e6478,I52dc3bee,I7e543664 into integration
* changes:
feat(gic600ae_fmu): enable all GICD, PPI, ITS SMs
feat(gic600ae_fmu): disable SMID for unavailable blocks
feat(gic600ae_fmu): introduce support for RAS error handling
We no longer need to pass special flags to the device tree compiler
for measured boot. These are a left over from the days where we used
to pass BL2 measurement to BL2 image via TB_FW configuration file.
This should have been removed as part of commit eab78e9ba4e36da27
("refactor(measured_boot): remove passing of BL2 hash via device
tree") but was missed at the time.
Add some entries in blx_symbols, that are used when the flag
SEPARATE_CODE_AND_RODATA is not enabled (__RO_* and __TEXT_RESIDENT_*).
Add all new symbols that were not yet present in the script.
Correct __BSS_END to __BSS_END__, and add __BSS_START__.
Add new *_XLAT_TABLE_* symbols.
As those strings are longer than 22, update display format string to
be dependent on the longest string.
The script also skips lines for which the _START__ and _END__
symbols have the same address (empty sections).
Varun Wadekar [Tue, 25 Jan 2022 11:39:28 +0000 (03:39 -0800)]
feat(gic600ae_fmu): disable SMID for unavailable blocks
This patch updates the gic600_fmu_init function to disable all safety
mechanisms for a block ID that is not present on the platform. All
safety mechanisms for GIC-600AE are enabled by default and should be
disabled for blocks that are not present on the platform to avoid
false positive RAS errors.
feat(bl_common): add XLAT tables symbols in linker script
Add __BASE_XLAT_TABLE_START__/_END__ and __XLAT_TABLE_START__/_END__
symbols in the linker script to have them in the .map file.
This allows displaying those areas when running memory map script.
Varun Wadekar [Mon, 24 Jan 2022 13:45:15 +0000 (05:45 -0800)]
feat(gic600ae_fmu): introduce support for RAS error handling
The GIC-600AE uses a range of RAS features for all RAMs, which include
SECDED, ECC, and Scrub, software and bus error reporting. The GIC makes
all necessary information available to software through Armv8.2 RAS
architecture compliant register space.
This patch introduces support to probe the FMU_ERRGSR register to find
the right error record. Once the correct record is identified, the
"handler" function queries the FMU_ERR<m>STATUS register to further
identify the block ID, safety mechanism and the architecturally defined
primary error code. The description of the error is displayed on the
console to simplify debug.
Adding the newly introduced build flags for feature enablement of the
following features:
1.FEAT_AMUv1p1 - ENABLE_FEAT_AMUv1p1
2.FEAT_CSV2_2 - ENABLE_FEAT_CSV2_2
3.FEAT_VHE - ENABLE_FEAT_VHE
4.FEAT_DIT - ENABLE_FEAT_DIT
5.FEAT_SB - ENABLE_FEAT_SB
6.FEAT_SEL2 - ENABLE_FEAT_SEL2
Also as part of feature detection mechanism, we now support three
states for each of these features, allowing the flags to take either
(0 , 1 , 2) values. Henceforth the existing feature build options are
converted from boolean to numeric type and is updated accordingly
in this patch.
The build flags take a default value and will be internally enabled
when they become mandatory from a particular architecture version
and upwards. Platforms have the flexibility to overide this
internal enablement via this feature specific explicit build flags.
The fdt_getprop() function sets the length to -1 if the property is not
found. We should then not use it later in stm32_clk_parse_fdt_by_name()
in that case. Directly set *nb to 0U and return 0 if the property is not
found.
Yann Gautier [Mon, 28 Mar 2022 11:37:01 +0000 (13:37 +0200)]
fix(st): remove extra chars from dtc version
In some implementations of dtc tool (e.g. with yocto), there can be a 'v'
at the beginning of the version, and a '+' at the end. Just keep numbers
then, with a grep -o.
Boon Khai Ng [Thu, 5 Aug 2021 17:16:46 +0000 (01:16 +0800)]
feat(intel): add macro to switch between different UART PORT
HSD #1509626040:
This patch is to add the flexibility for BL2 and BL31
to choose different UART output port at platform_def.h
using parameter PLAT_INTEL_UART_BASE
This patch also fixing the plat_helpers.S where the
UART BASE is hardcoded to PLAT_UART0_BASE. It is then
switched to CRASH_CONSOLE_BASE.
Signed-off-by: Boon Khai Ng <boon.khai.ng@intel.com>
Change-Id: Iccfa7ec64e4955b531905778be4da803045d3c8f
refactor(el3-runtime): replace ARM_ARCH_AT_LEAST macro with FEAT flags
Replacing ARM_ARCH_AT_LEAST macro with feature specific build options
to prevent unconditional accesses to the registers during context save
and restore routines.
Registers are tightly coupled with features more than architecture
versions. Henceforth having a feature-specific build flag guarding the
respective registers, will restrict any undefined actions.
This patch adds architectural features detection procedure to ensure
features enabled are present in the given hardware implementation.
It verifies whether the architecture build flags passed during
compilation match the respective features by reading their ID
registers. It reads through all the enabled feature specific ID
registers at once and panics in case of mismatch(feature enabled
but not implemented in PE).
Feature flags are used at sections (context_management,
save and restore routines of registers) during context switch.
If the enabled feature flag is not supported by the PE, it causes an
exception while saving or restoring the registers guarded by them.
With this mechanism, the build flags are validated at an early
phase prior to their usage, thereby preventing any undefined action
under their control.
This implementation is based on tristate approach for each feature and
currently FEAT_STATE=0 and FEAT_STATE=1 are covered as part of this
patch. FEAT_STATE=2 is planned for phase-2 implementation and will be
taken care separately.
The patch has been explicitly tested, by adding a new test_config
with build config enabling majority of the features and detected
all of them under FVP launched with parameters enabling v8.7 features.
Note: This is an experimental procedure and the mechanism itself is
guarded by a macro "FEATURE_DETECTION", which is currently being
disabled by default.
The "FEATURE_DETECTION" macro is documented and the platforms are
encouraged to make use of this diagnostic tool by enabling this
"FEATURE_DETECTION" flag explicitly and get used to its behaviour
during booting before the procedure gets mandated.
There are plans to contribute a generic MHU driver to the TF-A code
base in the short term.
In preparation for this, rename the Corstone-700 MHU driver source
files and prefix them with the name of the platform to avoid any
ambiguity or name clashes with the upcoming generic MHU driver. Also
rename the header guard accordingly.
This renaming is inline with other platform-specific MHU drivers, such
as the ones used on Broadcom [1], Socionext [2] or Amlogic [3] platforms.
Yann Gautier [Mon, 28 Mar 2022 15:49:38 +0000 (17:49 +0200)]
refactor(stm32mp1): update backup reg for FWU
Change the backup register used to store FWU parameters from 21 to 10.
This is chosen to have a Read/Write secure and Read non-secure register.
The mapping is also changed: only the first 4 bits will be used to store
the FWU index. The 4 next bits will be used to store count info. The
other bits are reserved.
Signed-off-by: Yann Gautier <yann.gautier@st.com> Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Change-Id: I9249768287ec5688ba2d8711ce04d429763543d7
Joanna Farley [Mon, 28 Mar 2022 15:40:59 +0000 (17:40 +0200)]
Merge changes from topics "ls1088a", "ls1088a-prepare" into integration
* changes:
docs(layerscape): add ls1088a soc and board support
feat(ls1088aqds): add ls1088aqds board support
feat(ls1088ardb): add ls1088ardb board support
feat(ls1088a): add new SoC platform ls1088a
build(changelog): add new scopes for ls1088a
feat(bl2): add support to separate no-loadable sections
refactor(layerscape): refine comparison of inerconnection
feat(layerscape): add soc helper macro definition for chassis 3
feat(nxp-gic): add some macros definition for gicv3
feat(layerscape): add CHASSIS 3 support for tbbr
feat(layerscape): define more chassis 3 hardware address
feat(nxp-crypto): add chassis 3 support
feat(nxp-dcfg): add Chassis 3 support
feat(lx2): enable DDR erratas for lx2 platforms
feat(layerscape): print DDR errata information
feat(nxp-ddr): add workaround for errata A050958
feat(layerscape): add new soc errata a010539 support
feat(layerscape): add new soc errata a009660 support
feat(nxp-ddr): add rawcard 1F support
fix(layerscape): fix build issue of mmap_add_ddr_region_dynamically
fix(nxp-tools): fix create_pbl print log
build(changelog): add new scopes for NXP driver
Soby Mathew [Tue, 22 Mar 2022 16:21:19 +0000 (16:21 +0000)]
feat(rme): add dummy realm attestation key to RMMD
Add a dummy realm attestation key to RMMD, and return it on request.
The realm attestation key is requested with an SMC with the following
parameters:
* Fid (0xC400001B2).
* Attestation key buffer PA (the realm attestation key is copied
at this address by the monitor).
* Attestation key buffer length as input and size of realm
attesation key as output.
* Type of elliptic curve.
projects / arm-tf.git / log