A separate design document for Measured Boot covers the porting
guidelines for the Measured Boot interfaces. As a result,
the Measured Boot interfaces have been removed from the porting
guide and a link to the Measured Boot design document has been
provided.
Change-Id: Ia6bd2620d830aea6aececab4af7e10a6d737f025
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
In their respective makefiles, cert_create, encrypt_fw and fiptool
depend on the --openssl phony target as a prerequisite. This forces
those tools to be re-linked each time.
Move the dependencies on the --openssl target from the tools to their
makefiles' all targets, to avoid unnecessary linking while preserving the
OpenSSL version printing done in the --openssl targets when in debug.
Fixes: cf2dd17ddd ("refactor(security): add OpenSSL 1.x compatibility")
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Change-Id: I98a3ab30f36dffc253cecaaf3a57d2712522135d
Incorrect value stored in Coherent Subsystem ACE DVM Snoop Enable
register (CSADSER0). Set individual bit otherwise previous value
is overwritten.
Signed-off-by: Anders Hedlund <anders.hedlund@windriver.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: Ib72fed261cbc3076ce385e19c4a5fa8e9e8b9924
Previous implementation used common CSS interrupts, which do not match
the N1SDP platform interrupt map. Updated to configure Secure
interrupts according to the N1SDP TRM and InfraSYSDESIGN4.0
specification. Additionally, unused definitions from legacy interrupt
configuration are removed.
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
Change-Id: I3dd4bcd4875e138057c62d937572d446b8f88471
Add support to qemu "neoverse-v1" cpu for "qemu_sbsa" ('sbsa-ref')
platform.
Change-Id: Id710e2b960e7938d2dbe7a88d9e158a7009fc3d1
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
In order to comply with the previous RSS driver change,
interface calls have been updated.
Change-Id: I645f6e8638cedfa6ff92d07b93cbaf38bdb2e09f
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
In order to comply with the previous RSS driver change,
interface calls have been updated.
Change-Id: I0a1f3c6a6f8017468d86903cc0158805c6461c28
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Currently, Measured Boot RSS driver gathers data from platform calls,
specifically RSS metadata. Generally, the driver should use the least
amount of platform calls possible, and the platform should provide the
data directly to the driver via the driver interface.
For this purpose, RSS Measured Boot driver interface APIs were updated
and platform calls were removed from RSS Measured Boot driver.
Change-Id: I6c797d9ac2d70215f32a084a7643884b399ee28c
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
* changes:
chore(xilinx): update warning message
feat(versal-net): add cluster check in handoff parameters
feat(versal-net): get the handoff params using IPI
chore(xilinx): replace fsbl with xbl
Currently, the peripheral node indexes are incorrect
for Versal NET, due to which an incorrect node error is
generated and permission to set the device as a wakeup
source fails. Correct the Versal NET peripheral node
indexes to fix the above issue.
Fixes: 662aafd6475e ("feat(xilinx): add device node indexes")
Change-Id: I4a2d76f375645e13512599a0272d9322ff6fafd3
Signed-off-by: Jay Buddhabhatti <jay.buddhabhatti@amd.com>
Update the Warning message to be more informative
about the warning being printed.
Change-Id: I923dc5dd760908844d5e1ac8542fd1b04c9f0af5
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Versal NET platform supports multiple cpu clusters and the cluster
information for every partition containing firmware component
is being passed by PLM through handoff parameters to TF-A.
Function implementation for getting cluster value for the firmware
component partition in TF-A and check for the firmware component
being targeted to be executed on Cluster 0.
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Change-Id: I8622699e12b0a9cda83ae46e2ad0a038ca377fda
Use the IPI command GET_HANDOFF_PARAM to get the PLM to TF-A handoff
parameters. The BL32/BL33 information from the handoff parameters will
be used by TF-A.
If no valid PLM to TF-A handoff parameters are available, then
the TF-A will fall back to the build time information or defaults
set in the TF-A for BL32/BL33.
Once the bootmode identification is supported the default configuration
will be done only for JTAG and for all other bootmodes PLM to TF-A
handoff parameters will be used.
Change-Id: Ia2204fe30fea6f32b4e5d2610820217e6ed23e4d
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
The handoff functionality is common between platforms and all
platforms do not use fsbl terminology. Renaming handoff related code
to generic naming.
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: Ic250af927f33c4fecbc2e6bab01b83a6dd2aab52
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
* changes:
refactor(pmu): convert FEAT_MTPMU to C and move to persistent register init
feat(pmu): introduce pmuv3 lib/extensions folder
fix(pmu): make MDCR_EL3.MTPME=1 out of reset
refactor(cm): introduce a real manage_extensions_nonsecure()
The FEAT_MTPMU feature disable runs very early after reset. This means,
it needs to be written in assembly, since the C runtime has not been
initialised yet.
However, there is no need for it to be initialised so soon. The PMU
state is only relevant after TF-A has relinquished control. The code
to do this is also very verbose and difficult to read. Delaying the
initialisation allows for it to happen with the rest of the PMU. Align
with FEAT_STATE in the process.
BREAKING CHANGE: This patch explicitly breaks the EL2 entry path. It is
currently unsupported.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I2aa659d026fbdb75152469f6d19812ece3488c6f
The enablement code for the PMU is scattered and difficult to track
down. Factor out the feature into its own lib/extensions folder and
consolidate the implementation. Treat it as an architecturally
mandatory feature as it is currently.
Additionally, do some cleanup on AArch64. Setting overflow bits in
PMCR_EL0 is irrelevant for firmware so don't do it. Then delay the PMU
initialisation until the context management stage which simplifies the
early environment assembly. One side effect is that the PMU might count
before this happens so reset all counters to 0 to prevent any leakage.
Finally, add an enable to manage_extensions_realm() as realm world uses
the pmu. This introduces the HPMN fixup to realm world.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ie13a8625820ecc5fbfa467dc6ca18025bf6a9cd3
Make the default value for MTPME always be 1 to preserve the reset
behaviour on newer revisions and on older revisions where the bit is
RES0 it doesn't matter.
Before its introduction MDCR_EL3.MTPME was RES0. Upon its introduction
the field resets to 1, making the MTPMU architecturally "enabled". As
such, the logical action on TF-A's part is to "disable" it, which led to
the introduction of DISABLE_MTPMU.
This hinges on the assumption that MDCR_EL3.MTPME will always be 1
unless the above flag is set. Unfortunately this is not the case, as the
reset value is overwritten at reset with a macro that sets this bit to
0.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ie570774972f246b3aa41dc016ecbcc6fc2f581f6
manage_extensions_nonsecure() is problematic because it updates both
context and in-place registers (unlike its secure/realm counterparts).
The in-place register updates make it particularly tricky, as those
never change for the lifetime of TF-A. However, they are only set when
exiting to NS world. As such, all of TF-A's execution before that
operates under a different context. This is inconsistent and could cause
problems.
This patch introduces a real manage_extensions_nonsecure() which only
operates on the context structure. It also introduces a
cm_manage_extensions_el3() which only operates on register in-place that
are not context switched. It is called in BL31's entrypoints so that all
of TF-A executes with the same environment once all features have been
converted.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ic579f86c41026d2054863ef44893e0ba4c591da9
Adjusted BL31 maximum size as per total SRAM size.
Change-Id: Ifdfdedb8af3e001cebba8e60c973f3c72be11652
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Use tst instead of ands to check USART_CR1_UE bit is set. If not, exit
the flush function.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Ibd2e18f6d8837073d0bbcb150e993985d3c0dd6f
* changes:
refactor(cpus): add Cortex-A72 errata information
refactor(cpus): convert Rainier to use errata framework
refactor(cpus): convert QEMU Max to use the errata framework
Read data from DeviceTree provided by QEMU, provide via SMC
to the next firmware level.
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Change-Id: I95c5f00ab2cca3b5fda122dcc8d7704a7a82059b
Adding basic CPU library code to support the Hermes CPU.
Change-Id: I61946033fe5fafb56ceb2d14d4c796d85b30457e
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
* adds add_erratum_entry for all described errata.
* replaces errata_report function with errata_report_shim to report
errata automatically
Change-Id: I7e3315d5cc77b77c328fff7f3988ec588b8f88b9
Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com>
This involves replacing:
* the reset_func with the standard cpu_reset_func_{start,end} to apply
errata automatically
* the <cpu>_errata_report with the errata_report_shim to report errata
automatically
as well as specifically related to single errata for this CPU:
* the prologue with the workaround_<type>_start to do the checks and
framework registration automatically
* the epilogue with the workaround_<type>_end
* the checker function with the check_erratum_<type> to make it more
descriptive
Change-Id: I31cacbbdd4caa12b32e2c65ec456b0ab6b1a9101
Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com>
This involves replacing:
* the <cpu>_errata_report with the errata_report_shim to report errata
automatically.
Change-Id: I78b65052dcfc1f29b7dec443bd0aaf67d0efb4eb
Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com>
This commit reorders the include files in accordance with the
guidelines provided by Trusted Firmware-A (TF-A).
The include files are rearranged to ensure a consistent and
organized structure in the codebase, facilitating better
readability and maintainability.
https://trustedfirmware-a.readthedocs.io/en/latest/process/coding-style.html#headers-and-inclusion
https://git.trustedfirmware.org/ci/tf-a-ci-scripts.git/tree/script/static-checks/
For example, to run header check:
/tf-a-ci-scripts/script/static-checks/check-include-order.py --tree ${PWD} > Includefileorder.txt
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: Ia5802722e69859596b94f31ec40755adbf7d865b