Chris Kay [Thu, 26 Jan 2023 18:31:52 +0000 (18:31 +0000)]
build(sp-min): sort sections by alignment by default
This change forces LD to sort all input sections by alignment when
allocating them within an output section. This is done in some places
explicitly in the linker scripts today, but this makes sure we don't
miss any easy targets.
Change-Id: I33d5044e4d34a9d1187d0935ffc03d1f1177e340 Signed-off-by: Chris Kay <chris.kay@arm.com>
Chris Kay [Thu, 26 Jan 2023 18:31:52 +0000 (18:31 +0000)]
build(bl31): sort sections by alignment by default
This change forces LD to sort all input sections by alignment when
allocating them within an output section. This is done in some places
explicitly in the linker scripts today, but this makes sure we don't
miss any easy targets.
Change-Id: Iadcd38a66a7a9f4b2af3adbc0487a15091486b17 Signed-off-by: Chris Kay <chris.kay@arm.com>
Chris Kay [Thu, 26 Jan 2023 18:31:52 +0000 (18:31 +0000)]
build(bl2u): sort sections by alignment by default
This change forces LD to sort all input sections by alignment when
allocating them within an output section. This is done in some places
explicitly in the linker scripts today, but this makes sure we don't
miss any easy targets.
Change-Id: I2745327ed106295e0e0d3a54b3096514a1403c3c Signed-off-by: Chris Kay <chris.kay@arm.com>
Chris Kay [Thu, 26 Jan 2023 18:31:52 +0000 (18:31 +0000)]
build(bl2): sort sections by alignment by default
This change forces LD to sort all input sections by alignment when
allocating them within an output section. This is done in some places
explicitly in the linker scripts today, but this makes sure we don't
miss any easy targets.
Change-Id: Id70be2a5399c4c75fcf2a736cab0991d20a6b863 Signed-off-by: Chris Kay <chris.kay@arm.com>
Chris Kay [Fri, 6 Jan 2023 11:02:00 +0000 (11:02 +0000)]
build(bl1): sort sections by alignment by default
This change forces LD to sort all input sections by alignment when
allocating them within an output section. This is done in some places
explicitly in the linker scripts today, but this makes sure we don't
miss any easy targets.
Change-Id: I69d6acea822036a6365a7ea10fa732b5e0387f52 Signed-off-by: Chris Kay <chris.kay@arm.com>
Rob Newberry [Thu, 30 Mar 2023 17:43:21 +0000 (10:43 -0700)]
fix(rpi3): initialize SD card host controller
Add initial configuration parameters for Rasperry Pi 3's sdhost
controller, and then configure and use those parameters.
This change allows warm reboots of UEFI on Raspberry Pi 3B+ where
existing code often fails with "unknown error". See discussion at:
https://github.com/pftf/RPi3/issues/24
The basic idea is that some initial configuration parameters
(clock rate, bus width) aren't configured into the hardware before
commands start being sent. I suspect that the particular setting
that matters is the "slow card" bit, but the initial clock setting
also seemed wrong to me.
Change-Id: I526def340def143f23f3422f1fc14c12c937ca7f Signed-off-by: Rob Newberry <robthedude@mac.com>
Juan Pablo Conde [Wed, 22 Feb 2023 16:09:52 +0000 (10:09 -0600)]
feat(hcx): initialize HCRX_EL2 to its default value
The value of register HCRX_EL2 is UNKNOWN out of reset. This can
affect the behavior in lower exception levels, such as traps to
EL2 due to a wrong configuration of the register upon reset.
This patch initializes the register at EL3 and disables all traps
related to it.
On the other hand, new fields have been introduced for HCRX_EL2,
which are now defined in this patch, so they can be used in
further development.
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: I0bf1e949aa0d3be9f227358ad088a1ecb96ce222
Mark Brown [Tue, 14 Mar 2023 20:48:43 +0000 (20:48 +0000)]
feat(pie/por): support permission indirection and overlay
Arm v8.9 introduces a series of features providing a new way to set memory
permissions. Instead of directly encoding the permissions in the page
tables the PTEs contain indexes into an array of permissions stored in
system registers, allowing greater flexibility and density of encoding.
Enable access to these features for EL2 and below, context switching the
newly added EL2 registers as appropriate. Since all of FEAT_S[12]P[IO]E
are separately discoverable we have separate build time options for
enabling them, but note that there is overlap in the registers that they
implement and the enable bit required for lower EL access.
Change the FVP platform to default to handling them as dynamic options so
the right decision can be made by the code at runtime.
Signed-off-by: Mark Brown <broonie@kernel.org>
Change-Id: Icf89e444e39e1af768739668b505661df18fb234
Fix coverity finding in psci_cpu_on, in which target_idx is directly
assigned the return value from plat_core_pos_by_mpidr. If the latter
returns a negative or large positive value, it can trigger an out of
bounds overflow for the psci_cpu_pd_nodes array.
>>>> CID 382009: (OVERRUN)
>>>> Overrunning callee's array of size 8 by passing argument "target_idx" (which evaluates to 4294967295) in call to "psci_spin_lock_cpu".
> 80 psci_spin_lock_cpu(target_idx);
>>>> CID 382009: (OVERRUN)
>>>> Overrunning callee's array of size 8 by passing argument "target_idx" (which evaluates to 4294967295) in call to "psci_spin_unlock_cpu".
> 160 psci_spin_unlock_cpu(target_idx);
If PLATFORM_STACK_SIZE not already defined, use the default value of
PLATFORM_STACK_SIZE.
This makes the stack size value configurable for different interface
like custom packages.
Signed-off-by: Amit Nagal <amit.nagal@amd.com> Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Change-Id: I87e9fcbfb4c4092378b1ac0ff8fb6d084495d320
docs(porting): refer the reader back to the threat model
When porting TF-A to a new platform, it is essential to read the
threat model documents in conjunction with the porting guide to
understand the security responsibilities of each platform interface
to implement.
Add a note to highlight this in the porting guide.
docs(porting): move porting guide upper in table of contents
The porting guide is currently hosted under the 'Getting started'
section. Yet, porting the full firmware to a new platform is probably
not the first thing that one would do. Before delving into the
details, one would probably start by building the code for an emulated
platform, such as Arm FVP.
Furthermore, the porting guide is such a big and important document
that it probably deserves being visible in the main table of contents.
Thus, move it just above the list of supported platforms.
fix(intel): update boot scratch to indicate to Uboot is PSCI ON
There is a use case where kernel requested ATF to power off/on only CPU0.
However, after ATF power off/on CPU0, CPU0 did not back into the state
to wait for ATF. Instead, CPU0 continue to reentry SPL boot sequence
because CPU0 is master/primary core. This causing the system reboot from
SPL again, while the slave core still in kernel.
To resolve this, ATF is set the boot scratch register 8 bit 17 whenever
it is a request from kernel to power off/on only CPU0. So, if this boot
scratch bit is set, CPU 0 will be able to put into a state to wait for
ATF.
Qemu-tcg with GICv3 emulation enabled will by default configure MPIDR
topology to report up to 16 cpus per cluster. This is NOT overriden by
qemu's -smp setting, e.g. -smp 8,clusters=2,cores=4,threads=1 will still
generate MPIDR reads as if all 8 CPUs were within one cluster.
Increase the hardcoded limit to reflect that so that we accept PSCI
calls that provide MPIDRs based on what was actually read from the
emulated CPU.
Andre Przywara [Tue, 4 Apr 2023 15:52:25 +0000 (16:52 +0100)]
fix(imx8mq): fix compilation with gcc >= 12.x
Starting with GCC >= 12.x the -Wall option includes -Werror=array-bounds
checks. Per default GCC treats all memory accesses below 4096 as NULL,
so access to ROMAPI causes the following warning:
------------
In file included from plat/imx/imx8m/imx8mq/imx8mq_bl31_setup.c:20:
In function 'mmio_read_8',
inlined from 'imx8mq_soc_info_init' at plat/imx/imx8m/imx8mq/imx8mq_bl31_setup.c:70:16,
inlined from 'bl31_platform_setup' at plat/imx/imx8m/imx8mq/imx8mq_bl31_setup.c:206:2:
include/lib/mmio.h:19:16: error: array subscript 0 is outside array bounds of 'volatile uint8_t[0]' {aka 'volatile unsigned char[]'} [-Werror=array-bounds]
19 | return *(volatile uint8_t*)addr;
| ^~~~~~~~~~~~~~~~~~~~~~~~
In function 'mmio_read_8',
inlined from 'imx8mq_soc_info_init' at plat/imx/imx8m/imx8mq/imx8mq_bl31_setup.c:74:16,
inlined from 'bl31_platform_setup' at plat/imx/imx8m/imx8mq/imx8mq_bl31_setup.c:206:2:
include/lib/mmio.h:19:16: error: array subscript 0 is outside array bounds of 'volatile uint8_t[0]' {aka 'volatile unsigned char[]'} [-Werror=array-bounds]
19 | return *(volatile uint8_t*)addr;
| ^~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
------------
This comes arguably from us somewhat abusing pointers to access MMIO
memory regions, which is not really covered by the C language.
Replace the pointer-dereferencing mmio_read_8() with an implementation
that uses inline assembly, to directly generate an 8-bit load
instruction. This avoids the compiler thinking that this access is using
a pointer it needs to jealously look after.
Change-Id: Iab39f6f615d51d3e8a1c54a1262d1e6ec208811d Reported-by: Marco Felsch <m.felsch@pengutronix.de> Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Govindraj Raja [Mon, 13 Mar 2023 12:09:12 +0000 (12:09 +0000)]
feat(cpus): add support for blackhawk cpu
Add basic CPU library code to support the Blackhawk CPU,
BlackHawk core is based out of Hunter ELP core,
so overall library code was adapted based on that.
Change-Id: I4750e774732218ee669dceb734cd107f46b78492 Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Govindraj Raja [Fri, 10 Mar 2023 10:38:54 +0000 (10:38 +0000)]
feat(cpus): add support for chaberton cpu
Add basic CPU library code to support the Chaberton CPU,
Chaberton cores are based out of Hunter core, so overall
library code was adapted based on that.
Change-Id: I58321c77f2c364225a764da6fa65656d1bec33f1 Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
fix(fvp): work around DRTM_SUPPORT BL31 progbits exceeded
Just like the tspd, DRTM support pulls in a lot of code which can't fit
into SRAM with everything else the fvp is including. Luckily, testing
this feature is only done on v8.0 models, meaning all feature related
code can be excluded for this run, saving space. The benefit of doing it
this way is that the test can continue running unaltered in the interim.
Merge changes from topic "ethos-n" into integration
* changes:
docs(maintainers): update NPU driver files
docs(ethos-n): update porting-guide.rst for NPU
feat(ethos-n): add separate RO and RW NSAIDs
feat(ethos-n)!: add protected NPU firmware setup
feat(ethos-n): add stream extends and attr support
feat(ethos-n): add reserved memory address support
feat(ethos-n): add event and aux control support
feat(ethos-n): add SMC call to get FW properties
refactor(ethos-n): split up SMC call handling
feat(ethos-n): add NPU firmware validation
feat(ethos-n): add check for NPU in SiP setup
feat(ethos-n)!: load NPU firmware at BL2
feat(juno): support ARM_IO_IN_DTB option for Juno
fix(fconf): fix FCONF_ARM_IO_UUID_NUMBER value
fix(fvp): incorrect UUID name in FVP tb_fw_config
fix(ethos-n): add workaround for erratum 2838783
feat(ethos-n): add support for NPU to cert_create
feat(ethos-n): add NPU support in fiptool
feat(ethos-n): add support to set up NSAID
build(fiptool): add object dependency generation
feat(ethos-n): add NPU sleeping SMC call
feat(ethos-n): add multiple asset allocators
feat(ethos-n): add reset type to reset SMC calls
feat(ethos-n): add protected NPU TZMP1 regions
build(ethos-n): add TZMP1 build flag
The top-level page for threat model documents is evidently out-dated,
as it contains text which no longer makes sense on its own. Most
likely it relates back to the days where we had a single threat model
document.
Reword it accordingly. While we are at it, explain the motivation and
structure of the documents.
Andre Przywara [Wed, 29 Mar 2023 11:05:19 +0000 (12:05 +0100)]
fix(psci): remove unreachable switch/case blocks
The PSCI function dispatcher switch/case is split up between 32-bit and
64-bit function IDs, based on bit 30 of the encoding. This bit just
encodes the maximum size of the arguments, not necessarily whether they
are used from AArch64 or AArch32. So while some functions exist in both
worlds (CPU_ON, for instance), some functions take no or only 32-bit
arguments (CPU_OFF, PSCI_FEATURES), so they only exist as a 32-bit
function call.
Commit b88a4416b5e5 ("feat(psci): add support for PSCI_SET_SUSPEND_MODE"
, gerrit ID Iebf65f5f7846aef6b8643ad6082db99b4dcc4bef) and commit 9a70e69e0598 ("feat(psci): update PSCI_FEATURES", gerrit ID
I5da8a989b53419ad2ab55b73ddeee6e882c25554) introduced two "case"
sections for 32-bit function IDs in the 64-bit branch, which will never
trigger. The one small extra case caused the sun50i_a64 DEBUG build to
go beyond its RAM limit.
Removed the redundant switch/case blocks, to make sun50i_a64 build
again.
Change-Id: Ic65b7403d128837296a0c3af42c6f23f9f57778e Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Mikael Olsson [Tue, 28 Mar 2023 13:51:49 +0000 (15:51 +0200)]
docs(maintainers): update NPU driver files
New files have been added for the Arm(R) Ethos(TM)-N NPU driver with the
addition of TZMP1 support so the files in the maintainers list have been
updated accordingly.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I3768b2ab78c117c1dd4fc03b38cf35f6811fa378
Rob Hughes [Mon, 20 Feb 2023 12:03:52 +0000 (12:03 +0000)]
docs(ethos-n): update porting-guide.rst for NPU
Add some missing configuration that must be done for supporting NPU on
other platforms.
Signed-off-by: Rob Hughes <robert.hughes@arm.com> Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: Ic505ea60f73b970d0d7ded101830eb2ce8c7ab64
Mikael Olsson [Tue, 14 Mar 2023 17:29:06 +0000 (18:29 +0100)]
feat(ethos-n): add separate RO and RW NSAIDs
To be able to further restrict the memory access for the Arm(R)
Ethos(TM)-N NPU, separate read-only and read/write NSAIDs for the
non-protected and protected memory have been added to the Juno
platform's TZMP1 TZC configuration for the NPU.
The platform definition has been updated accordingly and the NPU driver
will now only give read/write access to the streams that require it.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I5a173500fc1943a5cd406a3b379e1f1f554eeda6
Mikael Olsson [Fri, 10 Feb 2023 15:59:23 +0000 (16:59 +0100)]
feat(ethos-n)!: add protected NPU firmware setup
When the Arm(R) Ethos(TM)-N NPU driver is built with TZMP1 support, the
NPU should use the firmware that has been loaded into the protected
memory by BL2. The Linux Kernel NPU driver in the non-secure world is
not allowed to configure the NPU to do this in a TZMP1 build so the SiP
service will now configure the NPU to boot with the firmware in the
protected memory.
BREAKING CHANGE: The Linux Kernel NPU driver can no longer directly
configure and boot the NPU in a TZMP1 build. The API version has
therefore been given a major version bump with this change.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I65d00f54b3ade3665d7941e270da7a3dec02281a
Mikael Olsson [Fri, 10 Feb 2023 15:59:03 +0000 (16:59 +0100)]
feat(ethos-n): add stream extends and attr support
The SiP service for the Arm(R) Ethos(TM)-N NPU driver will now handle
setting up the address extension and attribute control for the NPU's
streams. The non-secure world will still be allowed to read the address
extension for stream0 but non-secure access to all other streams have
been removed.
The API version has been given a minor bump with this change to indicate
the added functionality.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I2b041ca4a0a2b5cd6344a4ae144f75e137c72592
Mikael Olsson [Fri, 10 Feb 2023 10:39:40 +0000 (11:39 +0100)]
feat(ethos-n): add reserved memory address support
The FCONF parsing of the HW_CONFIG for the Arm(R) Ethos(TM)-N NPU now
supports reading the address of the reserved memory setup for the NPU so
the address can be used in the SiP service for the NPU.
Change-Id: I0968255a966e84896b00ea935d6aa3d5232c5f7b Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Mikael Olsson [Fri, 10 Feb 2023 10:36:19 +0000 (11:36 +0100)]
feat(ethos-n): add event and aux control support
The SiP service for the Arm(R) Ethos(TM)-N NPU driver will now handle
setting up the NPU's event and aux control registers during the SMC
reset call. The aux control register will no longer be accessible by the
non-secure world.
The API version has been given a minor bump with this change to indicate
the added functionality.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I5b099e25978aa4089c384eb17c5060c5b4eaf373
Mikael Olsson [Fri, 27 Jan 2023 17:53:48 +0000 (18:53 +0100)]
feat(ethos-n): add SMC call to get FW properties
When the Arm(R) Ethos(TM)-N NPU firmware is loaded by BL2 into protected
memory, the Linux kernel NPU driver cannot access the firmware. To still
allow the kernel driver to access some information about the firmware,
SMC calls have been added so it can check compatibility and get the
necessary information to map the firmware into the SMMU for the NPU.
The API version has been given a minor version bump with this change to
indicate the added functionality.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: Idb076b7bcf54ed7e8eb39be80114dc1d1c45336d
Mikael Olsson [Fri, 27 Jan 2023 17:26:36 +0000 (18:26 +0100)]
refactor(ethos-n): split up SMC call handling
Doing all the SMC call handling in a single function and using specific
names for the x1-4 parameters is no longer practical for upcoming
additions to the SiP service. Handling of the different SMC functions
have therefore been split into separate functions.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: If28da8df0f13c449d1fdb2bd9d792d818ec5e1af
Mikael Olsson [Fri, 13 Jan 2023 08:56:41 +0000 (09:56 +0100)]
feat(ethos-n): add NPU firmware validation
When the Arm(R) Ethos(TM)-N NPU driver is built with TZMP1 support, it
will now validate the NPU firmware binary that BL2 is expected to load
into the protected memory location specified by
ARM_ETHOSN_NPU_IMAGE_BASE.
Juno has been updated with a new BL31 memory mapping to allow the SiP
service to read the protected memory that contains the NPU firmware
binary.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I633256ab7dd4f8f5a6f864c8c98a66bf9dfc37f3
Mikael Olsson [Wed, 18 Jan 2023 17:05:15 +0000 (18:05 +0100)]
feat(ethos-n): add check for NPU in SiP setup
The SiP service in the Arm(R) Ethos(TM)-N NPU driver requires that there
is at least one NPU available. If there is no NPU available, the driver
is either used incorrectly or the HW config is incorrect.
To ensure that the SiP service is not incorrectly used, a setup handler
has been added to the service that will validate that there is at least
one NPU available.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I8139a652f265cfc0db4a37464f39f1fb92868e10
Rob Hughes [Tue, 17 Jan 2023 16:10:26 +0000 (16:10 +0000)]
feat(ethos-n)!: load NPU firmware at BL2
BL2 on Juno now loads the Arm(R) Ethos(TM)-N NPU firmware into a fixed
address, using the existing image loading framework.
Includes support for TRUSTED_BOARD_BOOT, if enabled, using the firmware
content and key certificates from the FIP.
Supports the ARM_IO_IN_DTB option so can specify the firmware location
from the dtb rather than it being hardcoded to the FIP
Update makefile to automatically embed the appropriate images into the
FIP.
BREAKING CHANGE: Building the FIP when TZMP1 support is enabled in the
NPU driver now requires a parameter to specify the NPU firmware file.
Signed-off-by: Rob Hughes <robert.hughes@arm.com> Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I8cd64fb20d58f8bd539facb085606213d6cead06
Rob Hughes [Fri, 20 Jan 2023 10:47:30 +0000 (10:47 +0000)]
feat(juno): support ARM_IO_IN_DTB option for Juno
Add UUIDs for loadable FIP images to Juno's tb_fw_config device tree, so
that it can be built with the ARM_IO_IN_DTB option. Increase the
max-size of the tb_fw-config image accordingly, as the new entries
enlarge that image(new size is 2,116 bytes, rounded up to 2,560 =
0xA00)
Signed-off-by: Rob Hughes <robert.hughes@arm.com> Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I557bca7dd32c3be084bbba11d84dfa2818cb6789
Rob Hughes [Fri, 20 Jan 2023 10:43:41 +0000 (10:43 +0000)]
fix(fconf): fix FCONF_ARM_IO_UUID_NUMBER value
The FCONF_ARM_IO_UUID_NUMBER macro is hardcoded to the number of entries
in the `load_info` array, but this number did not match the actual
length of the array in the case that TRUSTED_BOARD_BOOT is defined, but
SPD_spmd is not defined.
This patch fixes the hardcoded length by replacing it with a more
flexible calculation which sums up the various contributing groups of
entries.
Signed-off-by: Rob Hughes <robert.hughes@arm.com> Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I557bca7dd32c3be084bbba11d84dfa2818cb6790
Rob Hughes [Fri, 20 Jan 2023 10:40:27 +0000 (10:40 +0000)]
fix(fvp): incorrect UUID name in FVP tb_fw_config
Signed-off-by: Rob Hughes <robert.hughes@arm.com> Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I557bca7dd32c3be084bbba11d84dfa2818cb6791
To workaround Arm(R) Ethos(TM)-N NPU erratum 2838783, the NPU has been
configured to allow being woken up by both secure and non-secure events
to make sure that an event always wakes up the NPU.
The API version has been given a minor version bump with this change to
indicate that this fix is included.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I429cdd6bf1e633b4dedf2e94af28937dd892a0ba
Mohamed Elzahhar [Wed, 16 Nov 2022 12:05:37 +0000 (12:05 +0000)]
feat(ethos-n): add support for NPU to cert_create
Add Juno specific Makefile to the certificate tool build. That
Makefile is included by the certificate tool Makefile to add
information about the authentication data for the
Arm(R) Ethos(TM)-N NPU's firmware binary.
Signed-off-by: Mohamed Elzahhar <Mohamed.Elzahhar@arm.com> Signed-off-by: Rob Hughes <robert.hughes@arm.com> Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: Ie4b6a1c29d73b3ed5041b57f2cd88033be18a63a
Daniele Castro [Thu, 24 Nov 2022 12:06:13 +0000 (12:06 +0000)]
feat(ethos-n): add NPU support in fiptool
Add platform specific Makefile to add UUIDs and command options
for the Arm(R) Ethos(TM)-N NPU firmware binary and certificate
data to the FIP so that the TF-A's BL2 can later be used to load
the Arm(R) Ethos(TM)-N NPU firmware binary into memory and verify
its integrity.
Add separate driver specific include header file for the
Arm(R) Ethos(TM)-N NPU images containing UUIDs and command options
to make it easy to port the FIP support to other platforms.
Signed-off-by: Daniele Castro <daniele.castro@arm.com> Signed-off-by: Rob Hughes <robert.hughes@arm.com> Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I8cd64fb20d58f8bd539facb085606213d6cead05
For the TZC to allow the Arm(R) Ethos(TM)-N NPU to access the buffers
allocated in a protected memory region, it must include the correct
NSAID for that region in its transactions to the memory. This change
updates the SiP service to configure the NSAIDs specified by a platform
define. When doing a protected access the SiP service now configures the
NSAIDs specified by the platform define. For unprotected access the
NSAID is set to zero.
Signed-off-by: Rajasekaran Kalidoss <rajasekaran.kalidoss@arm.com> Signed-off-by: Rob Hughes <robert.hughes@arm.com> Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I3360ef33705162aba5c67670386922420869e331
Mikael Olsson [Thu, 8 Dec 2022 16:07:06 +0000 (17:07 +0100)]
build(fiptool): add object dependency generation
The object target in the fiptool Makefile only depends on the
corresponding source file so it won't rebuild the object, if a header
file used by the source file is changed.
To make it rebuild the object file for both source and header file
changes, a dependency file will now be generated for each object and
included in the Makefile.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I0468c6e9c54126242150667268d471f28e011b0d
Mikael Olsson [Fri, 4 Nov 2022 14:01:02 +0000 (15:01 +0100)]
feat(ethos-n): add NPU sleeping SMC call
The non-secure world delegation of the register needed to determine if
the Arm(R) Ethos(TM)-N NPU is active or sleeping will be removed in the
future. In preparation for the change, a new SMC call has been added to
allow the non-secure world to ask the SiP service for the state instead.
A minor API version bump has been done with this change to indicate
support for the new functionality.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I1338341be385cf1891f4809efb7083fae6d928bc
Joshua Pimm [Wed, 9 Nov 2022 11:26:11 +0000 (11:26 +0000)]
feat(ethos-n): add multiple asset allocators
Adds additional asset allocators to the device tree include
file as the non-secure world kernel module for the Arm(R)
Ethos(TM)-N NPU now fully supports having and using multiple
asset allocators.
Signed-off-by: Joshua Pimm <joshua.pimm@arm.com> Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I82d53667ef64968ee814f611d0a90abd3b3cf3de
Joshua Pimm [Wed, 19 Oct 2022 14:46:27 +0000 (15:46 +0100)]
feat(ethos-n): add reset type to reset SMC calls
Adds a reset type argument for the soft and hard reset SMC calls to
indicate whether to perform a full reset and setup or only halt the
Arm(R) Ethos(TM)-N NPU. For use in cases where the NPU will not be
used but must be put into a known state, such as suspending the NPU
as part of power management.
Signed-off-by: Joshua Pimm <joshua.pimm@arm.com> Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I6018af85a28b0e977166ec29d26f04739123140c
TZMP1 protected memory regions have been added in the Juno platform to
store sensitive data for the Arm(R) Ethos(TM)-N NPU
This is enabled when building TF-A with ARM_ETHOSN_NPU_TZMP1.
The NPU uses two protected memory regions:
1) Firmware region to protect the NPU's firmware from being modified
from the non-secure world
2) Data region for sensitive data used by the NPU
Respective memory region can only be accessed with their unique NSAID.
Signed-off-by: Bjorn Engstrom <bjoern.engstroem@arm.com> Signed-off-by: Mikael Olsson <mikael.olsson@arm.com> Signed-off-by: Rob Hughes <robert.hughes@arm.com>
Change-Id: I65200047f10364ca18681ce348a6edb2ffb9b095
Bjorn Engstrom [Fri, 26 Aug 2022 07:45:45 +0000 (09:45 +0200)]
build(ethos-n): add TZMP1 build flag
For the Arm(R) Ethos(TM)-N NPU Driver to support running inference with
protected memory the TZC must be configured with appropriate regions.
This is controlled in build time by the now added build flag.
The new build flag is only supported with the Arm Juno platform and the
TZC is configured with default memory regions as if TZMP1 wasn't
enabled to facilitate adding the new memory regions later.
Signed-off-by: Bjorn Engstrom <bjoern.engstroem@arm.com> Signed-off-by: Rob Hughes <robert.hughes@arm.com> Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I9dc49ac5d091cfbc8c20d7c3ab394a2836438b0f
Boyan Karatotev [Thu, 30 Mar 2023 13:56:45 +0000 (14:56 +0100)]
fix(fvp): work around BL31 progbits exceeded
It is useful to have a single build for the FVP that includes as much
stuff as possible. Such a build allows a single TF-A build to be used on
a wide variety of fvp command lines. Unfortunately, the fvp also has a
(somewhat arbitrary) SRAM limit and enabling a bunch of stuff overruns
what is available.
To workaround this limit, don't enable everything for all
configurations. The offending configuration is when tsp is enabled, so
try to slim the binary down only when building with it.
As this doesn't solve the issue of running out of space for BL31, update
the linker error to give some clue as to what has (likely) caused it
while more permanent fixes are found.
Also add FEAT_RNG to the mix as it got missed in the commotion.
Merge changes from topic "jc/sve" into integration
* changes:
fix(qemu): enable dynamic feature detection of FEAT_SVE for NormalWorld
fix(tc): enable dynamic feature detection of FEAT_SVE for NormalWorld
FEAT_SVE build macro, "ENABLE_SVE_FOR_NS" default value has been updated
to 2, to support its existing behavior of dynamic detection as well as
keep it aligned with the changes concerning STATE=FEAT_STATE_CHECKED(2),
part of Feature Detection procedure.
fix(qemu): enable dynamic feature detection of FEAT_SVE for NormalWorld
Currently, TF-A supports three states for feature flags:
0: FEAT_DISABLED
1: FEAT_STATE_ALWAYS ( for fixed/real platforms)
2: FEAT_STATE_CHECK ( for configurable platforms)
to meet the feature detection requirements dynamically, mainly
targetting configurable/Fixed Virtual platforms.
With this mechanism in place, we are refactoring all the existing
feature flags to the FEAT_STATE_CHECK option(=2), including
FEAT_SVE explicitly for FVPs.
SVE Patch Reference:
https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/19888/25
This newly introduced change, breaks the existing behaviour especially
for virtual platforms, who have set the ENABLE_SVE_FOR_NS flag to 1.
Moving ahead, we advise the platforms to take the following steps while
enabling the features:
1. If the platform is configurable (virtual), and want to ensure feature
detection happens dynamically at runtime, set the build flags to
FEAT_STATE_CHECK(=2).
2. For real(fixed) platforms, depending on the features supported by the
hardware and platform wants to enable it, platforms could set build
flags to FEAT_STATE_ALWAYS(=1).
(Note: Only the non-secure world enablement related build flags have
been refactored to take the values within 0 to 2. As earlier Secure
world enablement flags will still remain boolean.)
Henceforth, in order to keep it aligned with this tri-state mechanism,
changing the qemu platform default to the now supported dynamic
option(=2), so the right decision can be made by the code at runtime.
fix(tc): enable dynamic feature detection of FEAT_SVE for NormalWorld
Currently, TF-A supports three states for feature flags:
0: FEAT_DISABLED
1: FEAT_STATE_ALWAYS (for fixed/real platforms)
2: FEAT_STATE_CHECK (for configurable platforms)
to meet the feature detection requirements dynamically, mainly
targetting configurable/Fixed Virtual platforms.
With this mechanism in place, we are refactoring all the existing
feature flags to the FEAT_STATE_CHECK option(=2), including
FEAT_SVE explicitly for FVPs.
SVE Patch Reference:
https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/19888/25
This newly introduced change, breaks the existing behaviour especially
for virtual platforms, who have set the ENABLE_SVE_FOR_NS flag to 1.
Moving ahead, we advise the platforms to take the following steps while
enabling the features:
1. If the platform is configurable (virtual), and want to ensure feature
detection happens dynamically at runtime, set the build flags to
FEAT_STATE_CHECK(=2).
2. For real(fixed) platforms, depending on the features supported by the
hardware and platform wants to enable it, platforms could set build
flags to FEAT_STATE_ALWAYS(=1).
(Note: Only the non-secure world enablement related build flags have
been refactored to take the values within 0 to 2. As earlier Secure
world enablement flags will still remain boolean.)
Henceforth, in order to keep it aligned with this tri-state mechanism,
changing the TC platform default to the now supported dynamic
option(=2), so the right decision can be made by the code at runtime.
Andre Przywara [Tue, 28 Mar 2023 15:55:06 +0000 (16:55 +0100)]
fix(aarch64): allow build with ARM_ARCH_MINOR=4
When building the FVP platform with SPMD (which activates the context
switch code), but keeping ARM_ARCH_MINOR to 4 or lower, the assembler
will complain about the SCXTNUM_EL2 system register not being supported
by the "selected processor".
Allow building this combination of options by defining the SCXTNUM_EL2
register via the generic S3_ encoding, so any assembler, with any -march
settings, will generate the access without any warnings.
We do protect accesses to this register by runtime checks, if not
explicitly requested otherwise, so can override the toolchain in this
case.
Change-Id: I0941f4c4dcf541bd968c153b9c3fac61ca23f7ef Signed-off-by: Andre Przywara <andre.przywara@arm.com>
projects / arm-tf.git / log