Commit Graph

7472 Commits

Author SHA1 Message Date
Sandrine Bailleux
568a881728 Merge "linker_script: move .rela.dyn section to bl_common.ld.h" into integration 2020-06-30 13:42:09 +00:00
Sandrine Bailleux
1ba168cf42 Merge "plat/arm: Add assert for the valid address of dtb information" into integration 2020-06-30 12:12:32 +00:00
Manish Pandey
b2b0e28a45 Merge "Fix makefile to build on a Windows host PC" into integration 2020-06-29 23:49:20 +00:00
Sami Mujawar
4a565bd888 Fix makefile to build on a Windows host PC
The TF-A firmware build system is capable of building on both Unix like
and Windows host PCs. The commit ID 7ff088 "Enable MTE support" updated
the Makefile to conditionally enable the MTE support if the AArch64
architecture revision was greater than 8.5. However, the Makefile changes
were dependent on shell commands that are only available on unix shells,
resulting in build failures on a Windows host PC.

This patch fixes the Makefile by using a more portable approach for
comparing the architecture revision.

Change-Id: Icb56cbecd8af5b0b9056d105970ff4a6edd1755a
Signed-off-by: Sami Mujawar <sami.mujawar@arm.com>
2020-06-29 21:50:45 +00:00
Mark Dykes
d6296e3a9f Merge "stm32mp1: disable neon in sp_min" into integration 2020-06-29 15:59:45 +00:00
Mark Dykes
5d1a225716 Merge "stm32mp1: check stronger the secondary CPU entry point" into integration 2020-06-29 15:58:23 +00:00
Manish V Badarkhe
1d60052e99 plat/arm: Add assert for the valid address of dtb information
Added assert in the code to check valid address of dtb information
structure retrieved from fw_config device tree.
This patch fixes coverity defect:360213.

Also, removed conditional calling of "fconf_populate" as "fconf_populate"
function already checks the validity of the device tree address received
and go to panic in case of address is NULL.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ib83e4e84a95e2456a12c7a2bb3fe70461d882cba
2020-06-29 14:01:03 +01:00
André Przywara
a021b2dd87 Merge "allwinner: Disable NS access to PRCM power control registers" into integration 2020-06-29 11:50:47 +00:00
Samuel Holland
506ffe50de allwinner: Disable NS access to PRCM power control registers
The non-secure world has no business accessing the CPU power switches in
the PRCM; those are handled by TF-A or the SCP. Only allow access to the
clock control part of the PRCM.

Signed-off-by: Samuel Holland <samuel@sholland.org>
Change-Id: I657b97f4ea8a0073448ad3343fbc66ba168ed89e
2020-06-29 11:49:32 +00:00
Masahiro Yamada
e8ad6168b0 linker_script: move .rela.dyn section to bl_common.ld.h
The .rela.dyn section is the same for BL2-AT-EL3, BL31, TSP.

Move it to the common header file.

I slightly changed the definition so that we can do "RELA_SECTION >RAM".
It still produced equivalent elf images.

Please note I got rid of '.' from the VMA field. Otherwise, if the end
of previous .data section is not 8-byte aligned, it fails to link.

aarch64-linux-gnu-ld.bfd: warning: changing start of section .rela.dyn by 4 bytes
aarch64-linux-gnu-ld.bfd: warning: changing start of section .rela.dyn by 4 bytes
aarch64-linux-gnu-ld.bfd: warning: changing start of section .rela.dyn by 4 bytes
make: *** [Makefile:1071: build/qemu/release/bl31/bl31.elf] Error 1

Change-Id: Iba7422d99c0374d4d9e97e6fd47bae129dba5cc9
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2020-06-29 15:51:50 +09:00
Manish Pandey
edd8188d32 Merge changes Ib9c82b85,Ib348e097,I4dc315e4,I58a8ce44,Iebc03361, ... into integration
* changes:
  plat: marvell: armada: a8k: add OP-TEE OS MMU tables
  drivers: marvell: add support for mapping the entire LLC to SRAM
  plat: marvell: armada: add LLC SRAM CCU setup for AP806/AP807 platforms
  plat: marvell: armada: reduce memory size reserved for FIP image
  plat: marvell: armada: platform definitions cleanup
  plat: marvell: armada: a8k: check CCU window state before loading MSS BL2
  drivers: marvell: add CCU driver API for window state checking
  drivers: marvell: align and extend llc macros
  plat: marvell: a8k: move address config of cp1/2 to BL2
  plat: marvell: armada: re-enable BL32_BASE definition
  plat: marvell: a8k: extend includes to take advantage of the phy_porting_layer
  marvell: comphy: initialize common phy selector for AP mode
  marvell: comphy: update rx_training procedure
  plat: marvell: armada: configure amb for all CPs
  plat: marvell: armada: modify PLAT_FAMILY name for 37xx SoCs
2020-06-26 13:59:38 +00:00
Sandrine Bailleux
b8247e1189 Merge changes from topic "fw_config_handoff" into integration
* changes:
  doc: Update arg usage for BL2 and BL31 setup functions
  doc: Update BL1 and BL2 boot flow
  plat/arm: Use only fw_config between bl2 and bl31
2020-06-26 07:31:59 +00:00
Manish V Badarkhe
d1c54e5b7c doc: Update arg usage for BL2 and BL31 setup functions
Updated the porting guide for the usage of received arguments
in BL2 and BL32 setup functions in case of Arm platform.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ia83a5607fed999819d25e49322b3bfb5db9425c0
2020-06-26 07:26:18 +00:00
Manish V Badarkhe
e555787b66 doc: Update BL1 and BL2 boot flow
Updated the document for BL1 and BL2 boot flow to capture
below changes made in FCONF

1. Loading of fw_config and tb_fw_config images by BL1.
2. Population of fw_config and tb_fw_config by BL2.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ifea5c61d520ff1de834c279ce1759b53448303ba
2020-06-26 07:26:09 +00:00
Manish V Badarkhe
7fb9bcd846 plat/arm: Use only fw_config between bl2 and bl31
Passed the address of fw_config instead of soc_fw_config
as arg1 to BL31 from BL2 for ARM fvp platform.

BL31 then retrieve load-address of other device trees
from fw_config device tree.

Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ib7e9581cd765d76111dcc3b7e0dafc12503c83c1
2020-06-26 08:24:34 +01:00
Sandrine Bailleux
99bcae5ea6 Merge changes from topic "fw_config_handoff" into integration
* changes:
  doc: Update memory layout for firmware configuration area
  plat/arm: Increase size of firmware configuration area
  plat/arm: Load and populate fw_config and tb_fw_config
  fconf: Handle error from fconf_load_config
  plat/arm: Update the fw_config load call and populate it's information
  fconf: Allow fconf to load additional firmware configuration
  fconf: Clean confused naming between TB_FW and FW_CONFIG
  tbbr/dualroot: Add fw_config image in chain of trust
  cert_tool: Update cert_tool for fw_config image support
  fiptool: Add fw_config in FIP
  plat/arm: Rentroduce tb_fw_config device tree
2020-06-26 07:06:52 +00:00
Mark Dykes
24cdbb22a9 Merge "stm32mp1: use last page of SYSRAM as SCMI shared memory" into integration 2020-06-25 18:37:51 +00:00
Mark Dykes
3c20ad568d Merge "stm32mp1: SP_MIN embeds Arm Architecture services" into integration 2020-06-25 18:33:27 +00:00
Mark Dykes
33fe493a67 Merge "Redirect security incident report to TrustedFirmware.org" into integration 2020-06-25 18:27:16 +00:00
Mark Dykes
f112d3effe Merge "doc: Add a binding document for COT descriptors" into integration 2020-06-25 18:23:50 +00:00
Mark Dykes
3df38b656f Merge "plat/fvp: Dynamic description of clock freq" into integration 2020-06-25 18:20:21 +00:00
Mark Dykes
ea96076116 Merge "fconf: Extract Timer clock freq from HW_CONFIG dtb" into integration 2020-06-25 18:18:57 +00:00
Lauren Wehrmeister
f998d15aee Merge "Workaround for Cortex A77 erratum 1800714" into integration 2020-06-25 18:15:33 +00:00
johpow01
62bbfe82c8 Workaround for Cortex A77 erratum 1800714
Cortex A77 erratum 1800714 is a Cat B erratum, present in older
revisions of the Cortex A77 processor core.  The workaround is to
set a bit in the ECTLR_EL1 system register, which disables allocation
of splintered pages in the L2 TLB.

Since this is the first errata workaround implemented for Cortex A77,
this patch also adds the required cortex_a77_reset_func in the file
lib/cpus/aarch64/cortex_a77.S.

This errata is explained in this SDEN:
https://static.docs.arm.com/101992/0010/Arm_Cortex_A77_MP074_Software_Developer_Errata_Notice_v10.pdf

Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I844de34ee1bd0268f80794e2d9542de2f30fd3ad
2020-06-25 14:50:58 +00:00
Manish V Badarkhe
089fc62412 doc: Update memory layout for firmware configuration area
Captured the increase in firmware configuration area from
4KB to 8kB in memory layout document. Updated the documentation
to provide details about fw_config separately.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ifbec443ced479301be65827b49ff4fe447e9109f
2020-06-25 13:50:37 +01:00
Manish V Badarkhe
ce4ca1a8b8 plat/arm: Increase size of firmware configuration area
Increased the size of firmware configuration area to accommodate
all configs.

Updated maximum size of following bootloaders due to increase
in firmware configs size and addition of the code in the BL2.

1. Increased maximum size of BL2 for Juno platform in no
   optimisation case.
2. Reduced maximum size of BL31 for fvp and Juno platform.
3. Reduced maximum size of BL32 for Juno platform.

Change-Id: Ifba0564df0d1fe86175bed9fae87fdcf013b1831
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
2020-06-25 13:50:37 +01:00
Manish V Badarkhe
8286967552 plat/arm: Load and populate fw_config and tb_fw_config
Modified the code to do below changes:

1. Load tb_fw_config along with fw_config by BL1.
2. Populate fw_config device tree information in the
   BL1 to load tb_fw_config.
3. In BL2, populate fw_config information to retrieve
   the address of tb_fw_config and then tb_fw_config
   gets populated using retrieved address.
4. Avoid processing of configuration file in case of error
   value returned from "fw_config_load" function.
5. Updated entrypoint information for BL2 image so
   that it's arg0 should point to fw_config address.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Change-Id: Ife6f7b673a074e7f544ee3d1bda7645fd5b2886c
2020-06-25 13:48:43 +01:00
Sandrine Bailleux
c275ea1883 Merge "Fix usage of incorrect function name" into integration 2020-06-25 07:14:41 +00:00
laurenw-arm
156dbdd464 plat/fvp: Dynamic description of clock freq
Query clock frequency in runtime using FCONF getter API

Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Ie6a8a62d8d190b9994feffb167a1d48829913e9b
2020-06-24 16:12:41 -05:00
laurenw-arm
8aa374b9fe fconf: Extract Timer clock freq from HW_CONFIG dtb
Extract Timer clock frequency from the timer node in
HW_CONFIG dtb. The first timer is a per-core architected timer attached
to a GIC to deliver its per-processor interrupts via PPIs.

Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I2f4b27c48e4c79208dab9f03c768d9221ba6ca86
2020-06-24 16:11:43 -05:00
Sandrine Bailleux
1367cc19f1 Redirect security incident report to TrustedFirmware.org
All projects under the TrustedFirmware.org project now use the same
security incident process, therefore update the disclosure/vulnerability
reporting information in the TF-A documentation.

------------------------------------------------------------------------
/!\ IMPORTANT /!\

Please note that the email address to send these reports to has changed.
Please do *not* use trusted-firmware-security@arm.com anymore.

Similarly, the PGP key provided to encrypt emails to the security email
alias has changed as well. Please do *not* use the former one provided
in the TF-A source tree. It is recommended to remove it from your
keyring to avoid any mistake. Please use the new key provided on
TrustedFirmware.org from now on.
------------------------------------------------------------------------

Change-Id: I14eb61017ab99182f1c45d1e156b96d5764934c1
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
2020-06-24 14:22:09 +02:00
Manish V Badarkhe
f17ae7b0a9 fconf: Handle error from fconf_load_config
Updated 'fconf_load_config' function to return
the error.
Error from 'fconf_load_config" gets handled
by BL1 in subsequent patches.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I4360f4df850e355b5762bb2d9666eb285101bc68
2020-06-24 08:44:26 +01:00
Manish V Badarkhe
fe6fd3e4e0 plat/arm: Update the fw_config load call and populate it's information
Modified the code to do below changes:

1. Migrates the Arm platforms to the API changes introduced in the
   previous patches by fixing the fconf_load_config() call.
2. Retrieve dynamically the address of tb_fw_config using fconf
   getter api which is subsequently used to write mbedTLS heap
   address and BL2 hash data in the tb_fw_config DTB.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Change-Id: I3c9d9345dcbfb99127c61d5589b4aa1532fbf4be
2020-06-24 08:44:26 +01:00
Manish V Badarkhe
9233dd09ca fconf: Allow fconf to load additional firmware configuration
Modified the `fconf_load_config` function so that it can
additionally support loading of tb_fw_config along with
fw_config.

Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ie060121d367ba12e3fcac5b8ff169d415a5c2bcd
2020-06-24 08:44:26 +01:00
Manish V Badarkhe
04e06973e1 fconf: Clean confused naming between TB_FW and FW_CONFIG
Cleaned up confused naming between TB_FW and FW_CONFIG.

Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I9e9f6e6ca076d38fee0388f97d370431ae067f08
2020-06-24 08:44:26 +01:00
Louis Mayencourt
243875eaf9 tbbr/dualroot: Add fw_config image in chain of trust
fw_config image is authenticated using secure boot framework by
adding it into the single root and dual root chain of trust.

The COT for fw_config image looks as below:

+------------------+       +-------------------+
| ROTPK/ROTPK Hash |------>| Trusted Boot fw   |
+------------------+       | Certificate       |
                           | (Auth Image)      |
                          /+-------------------+
                         /                   |
                        /                    |
                       /                     |
                      /                      |
                     L                       v
+------------------+       +-------------------+
| fw_config hash   |------>| fw_config         |
|                  |       | (Data Image)      |
+------------------+       +-------------------+

Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I08fc8ee95c29a95bb140c807dd06e772474c7367
2020-06-24 08:44:26 +01:00
Manish V Badarkhe
9b3ca9b120 cert_tool: Update cert_tool for fw_config image support
Updated cert_tool to add hash information of fw_config image into
the existing "trusted boot fw" certificate.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I720319225925806a2a9f50a1ac9c8a464be975f0
2020-06-24 08:44:26 +01:00
Manish V Badarkhe
ce10f9f462 fiptool: Add fw_config in FIP
Added support in fiptool to include fw_config image
in FIP.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ibbd14723a4141598d9d7f6bfcf88a0ef92cf87bc
2020-06-24 08:44:26 +01:00
Manish V Badarkhe
3cb84a5425 plat/arm: Rentroduce tb_fw_config device tree
Moved BL2 configuration nodes from fw_config to newly
created tb_fw_config device tree.

fw_config device tree's main usage is to hold properties shared
across all BLx images.
An example is the "dtb-registry" node, which contains the
information about the other device tree configurations
(load-address, size).

Also, Updated load-address of tb_fw_config which is now located
after fw_config in SRAM.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ic398c86a4d822dacd55b5e25fd41d4fe3888d79a
2020-06-24 08:44:26 +01:00
Lauren Wehrmeister
ccf5863231 Merge changes Ifc34f2e9,Iefd58159 into integration
* changes:
  Workaround for Cortex A76 erratum 1800710
  Workaround for Cortex A76 erratum 1791580
2020-06-23 20:17:24 +00:00
Sheetal Tigadoli
5703c7379e Fix usage of incorrect function name
Signed-off-by: Sheetal Tigadoli <sheetal.tigadoli@broadcom.com>
Change-Id: Ic387630c096361ea9a963cde0018a0efb63e3bd2
2020-06-23 21:12:28 +05:30
Manish Pandey
993dc0eccd Merge "FFA Version interface update" into integration 2020-06-23 15:12:03 +00:00
Manish V Badarkhe
ebd34bea0b doc: Add a binding document for COT descriptors
Added a binding document for COT descriptors which is going
to be used in order to create COT desciptors at run-time.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ic54519b0e16d145cd1609274a00b137a9194e8dd
2020-06-23 15:52:54 +01:00
J-Alves
4388f28f0f FFA Version interface update
Change handler of FFA version interface:
- Return SPMD's version if the origin of the call is secure;
- Return SPMC's version if origin is non-secure.

Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I0d1554da79b72b1e02da6cc363a2288119c32f44
2020-06-23 15:08:48 +01:00
Etienne Carriere
450e15a78e stm32mp1: SP_MIN embeds Arm Architecture services
Embed Arch Architecture SMCCC services in stm32mp1 SP_MIN. This
service is needed by Linux kernel to setup the SMCCC conduit
used by its SCMI SMC transport driver.

Change-Id: I454a7ef3048a77ab73fff945e8115b60445d5841
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2020-06-23 09:26:15 +02:00
Etienne Carriere
0754143ac9 stm32mp1: use last page of SYSRAM as SCMI shared memory
SCMI shared memory is used to exchange message payloads between
secure SCMI services and non-secure SCMI agents. It is mapped
uncached (device) mainly to conform to existing support in
the Linux kernel. Note that executive messages are mostly short
(few 32bit words) hence not using cache will not penalize much
performances.

Platform stm32mp1 shall configure ETZPC to harden properly the
secure and non-secure areas of the SYSRAM address space, that before
CPU accesses the shared memory when mapped non-secure.

This change defines STM32MP_SEC_SYSRAM_BASE/STM32MP_SEC_SYSRAM_SIZE and
STM32MP_NS_SYSRAM_BASE/STM32MP_NS_SYSRAM_SIZE.

Change-Id: I71ff02a359b9668ae1c5a71b5f102cf3d310f289
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
2020-06-23 09:22:45 +02:00
Etienne Carriere
986419939a stm32mp1: check stronger the secondary CPU entry point
When using SP_min as monitor, only sp_min_warm_entrypoint() is a valid
secure entry point.

Change-Id: I440cec798e901b11a34dd482c33b2e378a8328ab
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
2020-06-23 09:21:56 +02:00
Etienne Carriere
e4ee1ab934 stm32mp1: disable neon in sp_min
Disable use of Neon VFP support for platform stm32mp1 when
building with SP_MIN runtime services as these can conflict with
non-secure world use of NEON support. This is preferred over a
systematic backup/restore of NEON context when switching
between non-secure and secure worlds.

When NEON support is disabled, this is done for both BL2 and BL32 as
build process uses common libraries built once for both binaries.

Change-Id: I4e8808dcb6ef58fc839e6f85fd6e45cfbaa34be0
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
2020-06-23 09:21:21 +02:00
johpow01
dcbfbcb5de Workaround for Cortex A76 erratum 1800710
Cortex A76 erratum 1800710 is a Cat B erratum, present in older
revisions of the Cortex A76 processor core.  The workaround is to
set a bit in the ECTLR_EL1 system register, which disables allocation
of splintered pages in the L2 TLB.

This errata is explained in this SDEN:
https://static.docs.arm.com/sden885749/g/Arm_Cortex_A76_MP052_Software_Developer_Errata_Notice_v20.pdf

Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: Ifc34f2e9e053dcee6a108cfb7df7ff7f497c9493
2020-06-22 17:47:54 -05:00
johpow01
d7b08e6904 Workaround for Cortex A76 erratum 1791580
Cortex A76 erratum 1791580 is a Cat B erratum present in earlier
revisions of the Cortex A76. The workaround is to set a bit in the
implementation defined CPUACTLR2 register, which forces atomic store
operations to write-back memory to be performed in the L1 data cache.

This errata is explained in this SDEN:
https://static.docs.arm.com/sden885749/g/Arm_Cortex_A76_MP052_Software_Developer_Errata_Notice_v20.pdf

Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: Iefd58159b3f2e2286138993317b98e57dc361925
2020-06-22 16:58:24 -05:00