Commit Graph

580 Commits

Author SHA1 Message Date
Qixiang Xu
dcbf3932fd Dynamic selection of ECDSA or RSA
Add new option rsa+ecdsa for TF_MBEDTLS_KEY_ALG, which selects
rsa or ecdsa depending on the certificate used.

Change-Id: I08d9e99bdbba361ed2ec5624248dc382c750ad47
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
2017-09-22 17:42:40 +08:00
Qixiang Xu
9db9c65a11 Add support for TBBR using ECDSA keys in ARM platforms
- fixed compile error when KEY_ALG=ecdsa
    - add new option ecdsa for TF_MBEDTLS_KEY_ALG
    - add new option devel_ecdsa for ARM_ROTPK_LOCATION
    - add ecdsa key at plat/arm/board/common/rotpk/
    - reduce the mbedtls heap memory size to 13k

Change-Id: I3f7a6170af93fdbaaa7bf2fffb4680a9f6113c13
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
2017-09-22 09:48:36 +08:00
davidcunado-arm
b4f4a2f06c Merge pull request #1093 from soby-mathew/eb/log_fw
Implement log framework
2017-09-18 12:17:33 +01:00
davidcunado-arm
f18f5f9867 Merge pull request #1092 from jeenu-arm/errata-workarounds
Errata workarounds
2017-09-13 14:52:24 +01:00
Qixiang Xu
fd5763ea8a plat/arm: Fix BL31_BASE when RESET_TO_BL31=1
The value of BL31_BASE currently depends on the size of BL31. This
causes problems in the RESET_TO_BL31 case because the value of
BL31_BASE is used in the model launch parameters, which often changes.

Therefore, this patch fixes BL31_BASE to the middle of Trusted SRAM,
to avoid further model parameter changes in future.

Change-Id: I6d7fa4fe293717d84768974679539c0e0cb6d935
Signed-off-by: David Cunado <david.cunado@arm.com>
2017-09-12 15:21:13 +01:00
davidcunado-arm
487c869d31 Merge pull request #1088 from soby-mathew/sm/sds_scmi
Introduce SDS Driver
2017-09-12 08:43:38 +01:00
Soby Mathew
7f56e9a31c Implement log framework
This patch gives users control over logging messages printed from the C
code using the LOG macros defined in debug.h Users now have the ability
to reduce the log_level at run time using the tf_log_set_max_level()
function. The default prefix string can be defined by platform by
overriding the `plat_log_get_prefix()` platform API which is also
introduced in this patch.

The new log framework results in saving of some RO data. For example,
when BL1 is built for FVP with LOG_LEVEL=LOG_LEVEL_VERBOSE, resulted
in saving 384 bytes of RO data and increase of 8 bytes of RW data. The
framework also adds about 108 bytes of code to the release build of FVP.

Fixes ARM-software/tf-issues#462

Change-Id: I476013d9c3deedfdd4c8b0b0f125665ba6250554
Co-authored-by: Eleanor Bonnici <Eleanor.bonnici@arm.com>
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
2017-09-11 15:37:24 +01:00
Eleanor Bonnici
6de9b3364b Cortex-A72: Implement workaround for erratum 859971
Erratum 855971 applies to revision r0p3 or earlier Cortex-A72 CPUs. The
recommended workaround is to disable instruction prefetch.

Change-Id: I7fde74ee2a8a23b2a8a1891b260f0eb909fad4bf
Signed-off-by: Eleanor Bonnici <Eleanor.bonnici@arm.com>
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-09-07 14:22:02 +01:00
Eleanor Bonnici
45b52c202f Cortex-A57: Implement workaround for erratum 859972
Erratum 855972 applies to revision r1p3 or earlier Cortex-A57 CPUs. The
recommended workaround is to disable instruction prefetch.

Change-Id: I56eeac0b753eb1432bd940083372ad6f7e93b16a
Signed-off-by: Eleanor Bonnici <Eleanor.bonnici@arm.com>
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-09-07 14:22:02 +01:00
davidcunado-arm
8b6385deb3 Merge pull request #1082 from vchong/load_img_v2_parse_optee_header
hikey*: Add LOAD_IMAGE_V2 and OP-TEE header parsing support
2017-09-07 08:46:47 +01:00
davidcunado-arm
5457874575 Merge pull request #1080 from soby-mathew/eb/RSA-PKCS1-5_support_1
Support legacy RSA PKCS#1 v1.5 in cert create
2017-09-07 01:14:24 +01:00
Soby Mathew
18e279ebe6 CSS: Changes for SDS framework
This patch does the required changes to enable CSS platforms
to build and use the SDS framework. Since SDS is always coupled with
SCMI protocol, the preexisting SCMI build flag is now renamed to
`CSS_USE_SCMI_SDS_DRIVER` which will enable both SCMI and SDS on
CSS platforms. Also some of the workarounds applied for SCMI are
now removed with SDS in place.

Change-Id: I94e8b93f05e3fe95e475c5501c25bec052588a9c
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
2017-09-06 15:32:20 +01:00
Victor Chong
a87a1fb3ed docs: hikey: Fix typo
Signed-off-by: Victor Chong <victor.chong@linaro.org>
2017-09-01 19:15:30 +09:00
Soby Mathew
a8eb286ada cert_tool: Support for legacy RSA PKCS#1 v1.5
This patch enables choice of RSA version at run time to be used for
generating signatures by the cert_tool. The RSA PSS as defined in
PKCS#1 v2.1 becomes the default version and this patch enables to specify
the RSA PKCS#1 v1.5 algorithm to `cert_create` through the command line
-a option. Also, the build option `KEY_ALG` can be used to pass this
option from the build system. Please note that RSA PSS is mandated
by Trusted Board Boot requirements (TBBR) and legacy RSA support is
being added for compatibility reasons.

Fixes ARM-Software/tf-issues#499
Change-Id: Ifaa3f2f7c9b43f3d7b3effe2cde76bf6745a5d73
Co-Authored-By: Eleanor Bonnici <Eleanor.bonnici@arm.com>
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
2017-08-31 16:42:11 +01:00
Soby Mathew
2091755c5e Export KEY_ALG as a user build option
The `KEY_ALG` variable is used to select the algorithm for key
generation by `cert_create` tool for signing the certificates. This
variable was previously undocumented and did not have a global default
value. This patch corrects this and also adds changes to derive the
value of `TF_MBEDTLS_KEY_ALG` based on `KEY_ALG` if it not set by the
platform. The corresponding assignment of these variables are also now
removed from the `arm_common.mk` makefile.

Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Change-Id: I78e2d6f4fc04ed5ad35ce2266118afb63127a5a4
2017-08-31 16:42:11 +01:00
Douglas Raillard
b0c61f9403 porting-guide.rst: Fix some sections' level
Fix the level of the section
"13.   Function : plat_setup_psci_ops() [mandatory]",
including all the subsections.

Fix the level of the section
"12.7.   plat_psci_ops.pwr_domain_suspend_pwrdown_early() [optional]"
to lower it like the surrounding functions.

Change-Id: I781823bc96ece669f8fde4bd39c4e333c7bf4d1a
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2017-08-31 13:39:09 +01:00
danh-arm
bd35923466 Merge pull request #1073 from davidcunado-arm/dc/update_docs
Add usage note for FVP model versions 11.0 and 8.5
2017-08-30 14:37:15 +01:00
danh-arm
b15bab6bbc Merge pull request #1066 from islmit01/im/enable_cnp_bit
Enable CnP bit for ARMv8.2 CPUs
2017-08-30 14:34:57 +01:00
David Cunado
279fedc1f8 Add usage note for FVP model versions 11.0 and 8.5
The internal synchronisation timings of the FVP model version
11.0 build 11.0.34 and version 8.5 build 0.8.5202 has been
changed compared to older version of the models.

This change may have an impact on how the model behaves depending
on the workload being run on the model. For example test failures
have been seen where the primary core has powered on a secondary
core but was then starved of host CPU time and so was not able to
update power status, resulting a test failure due to an incorrect
status. This, or similar behaviour, is not to be expected from
real hardware platforms.

This patch adds a usage note on how to launch these models so
that internal synchronisation timing matches that of the older
version of the models, specifically adding the -Q 100 option.

Change-Id: If922afddba1581b7246ec889b3f1598533ea1b7e
Signed-off-by: David Cunado <david.cunado@arm.com>
2017-08-30 14:09:36 +01:00
danh-arm
913c38424e Merge pull request #1056 from geesun/qx/interrupt-diags
update the interrupt diagrams
2017-08-29 11:49:59 +01:00
davidcunado-arm
f91e8d1af6 Merge pull request #1067 from jeenu-arm/rst-fix
firmware-design.rst: Fix formatting
2017-08-25 13:37:45 +01:00
Isla Mitchell
9fce2725a4 Enable CnP bit for ARMv8.2 CPUs
This patch enables the CnP (Common not Private) bit for secure page
tables so that multiple PEs in the same Inner Shareable domain can use
the same translation table entries for a given stage of translation in
a particular translation regime. This only takes effect when ARM
Trusted Firmware is built with ARM_ARCH_MINOR >= 2.

ARM Trusted Firmware Design has been updated to include a description
of this feature usage.

Change-Id: I698305f047400119aa1900d34c65368022e410b8
Signed-off-by: Isla Mitchell <isla.mitchell@arm.com>
2017-08-24 17:23:43 +01:00
Jeenu Viswambharan
579b4adb79 firmware-design.rst: Fix formatting
The format conversion wrongly formatted a couple of sections. These were
also missing from the Table of Contents.

Change-Id: I324216c27e7b4711e6cc5e25782f4b53842140cc
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-08-24 15:47:20 +01:00
Etienne Carriere
d591d7668e doc: minor typo fix
Change-Id: I00fae047dea0eaf7e60037598af020817c66f659
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2017-08-23 15:43:33 +02:00
danh-arm
e80824227b Merge pull request #977 from etienne-lms/sp-min-fiq
bl32: add secure interrupt handling in AArch32 sp_min
2017-08-17 13:54:32 +01:00
Qixiang Xu
7f943ba64a update the interrupt diagrams
- Redraw the interrupt diagrams with dia tool
   - Change TSP_HANDLED_S_EL1_FIQ to TSP_HANDLED_S_EL1_INTR in sec-int-handling.png
   - Use the makefile generate the image to avoid unnessary generate
   - Add dia source code

Change-Id: I016022ca964720e8497c27c88a3f371459abc284

Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
2017-08-17 16:55:25 +08:00
danh-arm
1a52aca5f6 Merge pull request #1040 from sliai/support-opteed-header
Support opteed header
2017-08-14 16:35:12 +01:00
danh-arm
ebab983170 Merge pull request #1049 from sandrine-bailleux-arm/sb/xlat-lib-v2-doc
Add documentation of the xlat tables library V2
2017-08-14 16:03:35 +01:00
danh-arm
a937d93e5c Merge pull request #1046 from jeenu-arm/revc
Support for RevC FVP model
2017-08-14 15:32:27 +01:00
Etienne Carriere
71816096da bl32: add secure interrupt handling in AArch32 sp_min
Add support for a minimal secure interrupt service in sp_min for
the AArch32 implementation. Hard code that only FIQs are handled.

Introduce bolean build directive SP_MIN_WITH_SECURE_FIQ to enable
FIQ handling from SP_MIN.

Configure SCR[FIQ] and SCR[FW] from generic code for both cold and
warm boots to handle FIQ in secure state from monitor.

Since SP_MIN architecture, FIQ are always trapped when system executes
in non secure state. Hence discard relay of the secure/non-secure
state in the FIQ handler.

Change-Id: I1f7d1dc7b21f6f90011b7f3fcd921e455592f5e7
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
2017-08-09 15:48:53 +02:00
Summer Qin
71fb396440 Support Trusted OS firmware extra images in TF tools
Since Trusted OS firmware may have extra images, need to
assign new uuid and image id for them.
The TBBR chain of trust has been extended to add support
for the new images within the existing Trusted OS firmware
content certificate.

Change-Id: I678dac7ba1137e85c5779b05e0c4331134c10e06
Signed-off-by: Summer Qin <summer.qin@arm.com>
2017-08-09 18:06:05 +08:00
Antonio Nino Diaz
6feb9e8854 Add documentation of the xlat tables library V2
The documentation describes the design of the translation tables
library version 2 used by the ARM Trusted Firmware.

The diagram file has been created with Dia version 0.97.2. This tool
can be obtained from: https://wiki.gnome.org/Apps/Dia/Download

Inkscape has been used to generate the *.png file from the *.dia file
to work around a bug in the generation of *.png files in some versions
of Dia.

Change-Id: Ie67d9998d4ae881b2c060200a318ad3ac2fa5e91
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
2017-08-08 16:49:47 +01:00
David Cunado
1a3a16768e Fix to change.log
With the migration to .rst from .md, the Issues Resolved and
Known Issues sections for v1.4 were using Header 1 format.

This patch changes to using Header 2 for these sections.

Change-Id: Ic3127d84eb169a65039fd4cc8284c6429302732d
Signed-off-by: David Cunado <david.cunado@arm.com>
2017-08-03 18:24:04 +01:00
Jeenu Viswambharan
e33fd44548 CCI: Adapt for specific product at run time
The current build system and driver requires the CCI product to be
specified at build time. The device constraints can be determined at run
time from its ID registers, obviating the need for specifying them
ahead.

This patch adds changes to identify and validate CCI at run time. Some
global variables are renamed to be in line with the rest of the code
base.

The build option ARM_CCI_PRODUCT_ID is now removed, and user guide is
updated.

Change-Id: Ibb765e349d3bc95ff3eb9a64bde1207ab710a93d
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-08-01 14:33:47 +01:00
Jeenu Viswambharan
11ad8f208d FVP: Add support for multi-threaded CPUs
ARM CPUs with multi-threading implementation has more than one
Processing Element in a single physical CPU. Such an implementation will
reflect the following changes in the MPIDR register:

  - The MT bit set;

  - Affinity levels pertaining to cluster and CPUs occupy one level
    higher than in a single-threaded implementation, and the lowest
    affinity level pertains to hardware threads. MPIDR affinity level
    fields essentially appear shifted to left than otherwise.

The FVP port henceforth assumes that both properties above to be
concomitant on a given FVP platform.

To accommodate for varied MPIDR formats at run time, this patch
re-implements the FVP platform-specific functions that translates MPIDR
values to a linear indices, along with required validation. The same
treatment is applied for GICv3 MPIDR hashing function as well.

An FVP-specific build option FVP_MAX_PE_PER_CPU is introduced which
specifies the maximum number of threads implemented per CPU. For
backwards compatibility, its value defaults to 1.

Change-Id: I729b00d3e121d16ce9a03de4f9db36dfac580e3f
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-08-01 14:33:47 +01:00
Varun Wadekar
1862d6203c lib: psci: early suspend handler for platforms
This patch adds an early suspend handler, that executes with
SMP and data cache enabled. This handler allows platforms to
perform any early actions during the CPU suspend entry sequence.

This handler is optional and platforms can choose to implement it
depending on their needs. The `pwr_domain_suspend` handler still
exists and platforms can keep on using it without any side effects.

Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
2017-07-31 11:41:17 -07:00
davidcunado-arm
e43ae8e9de Merge pull request #1037 from douglas-raillard-arm/dr/doc_fix_errata_a53
Add doc for some Cortex A53 errata workarounds
2017-07-31 14:30:27 +01:00
davidcunado-arm
ddc5bfdb6f Merge pull request #1035 from sandrine-bailleux-arm/sb/xlat-lib-ctx
Translation table library v2 improvements
2017-07-31 14:29:54 +01:00
Sandrine Bailleux
de3d704d74 Emphasize that TF only supports 4 KB granule size
At the moment, various parts of the Trusted Firmware code assume
that the granule size used is 4 KB. For example, the linker scripts
enforce 4 KB alignment restrictions on some sections.

However, the ARMv8-A architecture allows 16 KB and 64 KB granule
sizes as well. Some other parts of the TF code, particularly the
architectural code and definitions, have been implemented with
this in mind and cater for all 3 cases.

This discrepancy creates some confusion as to what is effectively
supported in TF. This patch adds some code comments and clarification
in the documentation to make this limitation clearer.

Change-Id: I1f202369b240d8bed9d43d57ecd2a548c86c8598
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
2017-07-26 09:28:23 +01:00
Douglas Raillard
ca6b1cb4dd Add doc for some Cortex A53 errata workarounds
Add documentation for errata 835769 and 843419 workarounds introduced in
commit a94cc374ab

Fixes ARM-software/tf-issues#504

Change-Id: I7f3db53dfc5f3827b32663f483d3302bc9679b19
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2017-07-24 14:17:07 +01:00
Jeenu Viswambharan
c1232c31ce Fix alphabetic ordering
Commit d832aee90, which added SPE support, got the alphabetical ordering
wrong for documentation and Makefile addition. This patch fixes that.

Change-Id: I061ecfba4db363902c9d7d577d2ce6c612cb9e1d
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-07-24 08:26:07 +01:00
davidcunado-arm
4deb7bcc4f Merge pull request #1005 from ldts/v1
Poplar: Initial commit for Poplar E-96Boards
2017-07-14 16:37:31 +01:00
davidcunado-arm
8f83003b9c Merge pull request #1028 from vchong/bl32_optee_support_v2
hikey: Add BL32 (OP-TEE) support v2
2017-07-14 16:37:02 +01:00
Jorge Ramirez-Ortiz
e35d0edbbf Poplar: Initial commit for Poplar E-96Boards
The board features the Hi3798C V200 with an integrated quad-core
64-bit ARM Cortex A53 processor and high performance Mali T720 GPU,
making it capable of running any commercial set-top solution based on
Linux or Android. Its high performance specification also supports a
premium user experience with up to H.265 HEVC decoding of 4K video at
60 frames per second.

SOC  Hisilicon Hi3798CV200
CPU  Quad-core ARM Cortex-A53 64 bit
DRAM DDR3/3L/4 SDRAM interface, maximum 32-bit data width 2 GB
USB  Two USB 2.0 ports One USB 3.0 ports
CONSOLE  USB-micro port for console support
ETHERNET  1 GBe Ethernet
PCIE  One PCIe 2.0 interfaces
JTAG  8-Pin JTAG
EXPANSION INTERFACE  Linaro 96Boards Low Speed Expansion slot
DIMENSION Standard 160×120 mm 96Boards Enterprice Edition form factor
WIFI  802.11AC 2*2 with Bluetooth
CONNECTORS  One connector for Smart Card One connector for TSI

The platform boot sequence is as follows:
    l-loader --> arm_trusted_firmware --> u-boot

Repositories:
 - https://github.com/Linaro/poplar-l-loader.git
 - https://github.com/Linaro/poplar-u-boot.git

U-Boot is also upstream in the project's master branch.

Make sure you are using the correct branch on each one of these
repositories. The definition of "correct" might change over time (at
this moment in time this would be the "latest" branch).

Build Line:
make CROSS_COMPILE=aarch64-linux-gnu-  all fip SPD=none DEBUG=1
PLAT=poplar BL33=/path/to/u-boot.bin

Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez-ortiz@linaro.org>
Signed-off-by: Leo Yan <leo.yan@linaro.org>
Signed-off-by: Alex Elder <elder@linaro.org>
Tested-by: Jorge Ramirez-Ortiz <jorge.ramirez-ortiz@linaro.org>
Tested-by: Leo Yan <leo.yan@linaro.org>
Tested-by: Alex Elder <elder@linaro.org>
2017-07-14 16:44:12 +02:00
Victor Chong
5e3325e73c hikey960: Add BL32 (OP-TEE) support
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Acked-by: Haojian Zhuang <haojian.zhuang@linaro.org>
2017-07-13 01:22:56 +09:00
Victor Chong
3b6e88a2b3 hikey: Add BL32 (OP-TEE) support
Signed-off-by: Victor Chong <victor.chong@linaro.org>
2017-07-12 18:23:26 +09:00
Victor Chong
367456df16 hikey: Fix errors in doc
Signed-off-by: Victor Chong <victor.chong@linaro.org>
2017-07-12 16:28:09 +09:00
Victor Chong
42ba9f29fe hikey960: Fix errors in doc
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Acked-by: Haojian Zhuang <haojian.zhuang@linaro.org>
2017-07-12 12:01:25 +09:00
Eleanor Bonnici
ec4a2bb5e3 Updates user guide following out of box testing.
Change-Id: I0cd355d9fc7f14fb4eabb443d596d6f0858f609e
Signed-off-by: Eleanor Bonnici <Eleanor.bonnici@arm.com>
2017-07-07 17:01:56 +01:00
David Cunado
aee3ef48a7 Release v1.4: update change-log.rst
Updated change-log.rst with summary of changes since release v1.3.

Change-Id: Iecd31ed315bd9ad7ffe8bce6550f7c90e1e3a9b0
Signed-off-by: David Cunado <david.cunado@arm.com>
2017-07-06 17:46:32 +01:00
David Cunado
31f2f79de6 Migrate to Linaro release 17.04
ARM TF has been tested against Linaro Release 17.04 - the Linaro
binaries have been update and also the version of the compiler.

Linaro binaries: 17.01 --> 17.04
AArch64 & AArch32 compilers: 5.3-2015.05 (gcc 5.3) -> 6.2-2016.11 (gcc 6.2)

This patch updates the User Guide is to state that Linaro
release 17.04 is supported.

Additionally, the following fixes are made to the User Guide:
- Removed out of date reference to Linaro release 16.06.
- Updated the Juno variant coverage to include r2.

Change-Id: Iebbced3356f8c6b3c2bff2df62574db9f937ca7b
Signed-off-by: David Cunado <david.cunado@arm.com>
2017-07-06 14:38:17 +01:00
David Cunado
64d50c7471 Update Foundation, AEM and Cortex Models versions
Trusted Firmware has been tested as part of its CI system against Cortex
and Foundation models in the 11.0 Model release available on
developer.arm.com. Trusted Firmware has also been tested against the v8.5
AEM model.

This patch updates the user guide documentation to reflect the version of
the Foundation, AEM and Cortex Models that Trusted Firmware has been
tested against.

Change-Id: I3b5b4d1e4220bda1dcc88aa9cfa01fa711ed92cd
Signed-off-by: David Cunado <david.cunado@arm.com>
2017-07-05 13:56:49 +01:00
Douglas Raillard
06fb4278e6 Remove Markdown documentation
Removed Markdown documents as they have been converted to
reStructuredText.

Change-Id: I3148222eb31258f158f64de4ddcdda4b232ce483
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2017-06-29 16:22:45 +01:00
Douglas Raillard
668c5022e5 Manual fixes to reST documentations
Non-automated fixes to the converted documentation.

Change-Id: I61f3d37c7a8d6a56a7351048060b970c5b3751e4
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2017-06-29 11:48:05 +01:00
Douglas Raillard
6f62574767 Convert documentation to reStructuredText
Due to recent issues in the rendering of the documentation on GitHub and
some long-standing issues like the lack of automatic table of content in
Markdown, the documentation has been converted to reStructuredText.
Basic constructs looks pretty similar to Markdown.

Automatically convert GitHub markdown documentation to reStructuredText
using pandoc.

Change-Id: If20b695acedc6d1b49c8d9fb64efd6b6ba23f4a9
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2017-06-29 11:47:09 +01:00
Douglas Raillard
7af4d2b6ae Fix various small issues in the documentation
Change some hard-to-convert constructs to cleaner ones.
Fix a broken link.

Change-Id: Ida70aa1da0af7a107b0e05eb20b8d46669a0380b
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2017-06-29 11:02:54 +01:00
Soby Mathew
e60f2af949 ARM plat changes to enable CryptoCell integration
This patch makes the necessary changes to enable ARM platform to
successfully integrate CryptoCell during Trusted Board Boot. The
changes are as follows:

* A new build option `ARM_CRYPTOCELL_INTEG` is introduced to select
  the CryptoCell crypto driver for Trusted Board boot.

* The TrustZone filter settings for Non Secure DRAM is modified
  to allow CryptoCell to read this memory. This is required to
  authenticate BL33 which is loaded into the Non Secure DDR.

* The CSS platforms are modified to use coherent stacks in BL1 and BL2
  when CryptoCell crypto is selected. This is because CryptoCell makes
  use of DMA to transfer data and the CryptoCell SBROM library allocates
  buffers on the stack during signature/hash verification.

Change-Id: I1e6f6dcd1899784f1edeabfa2a9f279bbfb90e31
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
2017-06-28 15:58:06 +01:00
Douglas Raillard
f7ad7a63c5 Document CFLAGS make option
CFLAGS content can be set on the command line to allow passing extra
options to the compiler. Its content is appended after the options set
by the Makefile (TF_CFLAGS).

The Makefiles must use TF_CFLAGS instead of CFLAGS, as the latter can be
completely overriden by setting it on the command line.

Also tell about LDFLAGS in the "Debugging options" section.

Change-Id: Iaf27b424002898ef3040133f78cb133983a37aee
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2017-06-28 15:03:05 +01:00
Douglas Raillard
c2b8806fb6 Introduce TF_LDFLAGS
Use TF_LDFLAGS from the Makefiles, and still append LDFLAGS as well to
the compiler's invocation. This allows passing extra options from the
make command line using LDFLAGS.

Document new LDFLAGS Makefile option.

Change-Id: I88c5ac26ca12ac2b2d60a6f150ae027639991f27
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2017-06-28 15:03:05 +01:00
danh-arm
6bf3624969 Merge pull request #1009 from islmit01/im/aarch32_juno
Add Juno AArch32 and AArch64 User Guide instructions
2017-06-28 14:51:37 +01:00
Isla Mitchell
f5f1f9f236 Add Juno AArch32 and AArch64 User Guide instructions
Updated section 6, building a FIP for Juno and FVP, adding
instructions for AArch32 and AArch64.

Updated section 4.1, summary of build options, to include a
description of the `JUNO_AARCH32_EL3_RUNTIME` build flag.

Change-Id: I4ed006522cab981371c382859063f088fbfcb8f7
Signed-off-by: Isla Mitchell <isla.mitchell@arm.com>
2017-06-28 14:15:25 +01:00
danh-arm
d6c26ade63 Merge pull request #1006 from robertovargas-arm/doc-format
Improve format of exception vectors in BL1 description
2017-06-28 13:48:31 +01:00
Roberto Vargas
7e3f1d9c0f Improve format of exception vectors in BL1 description
Without the additional newlines all the text becomes a single paragraph
and next newlines are ignored.

Change-Id: I783198477f654e3923fcabb21248f2bc62c33e9d
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
2017-06-28 12:02:53 +01:00
Douglas Raillard
0731f7eb2a Fix broken link in documentation
Fix link in docs/firmware-update.md and docs/change-log.md:
https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Image-Terminology

Change-Id: I2d51d373fd0f7da59b548cd6bed52c47772014fd
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2017-06-27 11:09:11 +01:00
dp-arm
d832aee900 aarch64: Enable Statistical Profiling Extensions for lower ELs
SPE is only supported in non-secure state.  Accesses to SPE specific
registers from SEL1 will trap to EL3.  During a world switch, before
`TTBR` is modified the SPE profiling buffers are drained.  This is to
avoid a potential invalid memory access in SEL1.

SPE is architecturally specified only for AArch64.

Change-Id: I04a96427d9f9d586c331913d815fdc726855f6b0
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
2017-06-22 10:33:19 +01:00
David Cunado
18f2efd67d Fully initialise essential control registers
This patch updates the el3_arch_init_common macro so that it fully
initialises essential control registers rather then relying on hardware
to set the reset values.

The context management functions are also updated to fully initialise
the appropriate control registers when initialising the non-secure and
secure context structures and when preparing to leave EL3 for a lower
EL.

This gives better alignement with the ARM ARM which states that software
must initialise RES0 and RES1 fields with 0 / 1.

This patch also corrects the following typos:

"NASCR definitions" -> "NSACR definitions"

Change-Id: Ia8940b8351dc27bc09e2138b011e249655041cfc
Signed-off-by: David Cunado <david.cunado@arm.com>
2017-06-21 17:57:54 +01:00
Masahiro Yamada
63b3a28ebb uniphier: add TSP support
Add TSP to test BL32 without relying on external projects.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-06-13 00:32:57 +09:00
Masahiro Yamada
d8e919c7b8 uniphier: support Socionext UniPhier platform
Initial commit for Socionext UniPhier SoC support.  BL1, Bl2, and
BL31 are supported.  Refer to docs/plat/socionext-uniphier.md for
more detais.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-06-13 00:32:57 +09:00
Haojian Zhuang
7fe08b2bee hikey960: add document
Add document on HiKey960 platform and how to build.

Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
2017-06-08 07:33:22 +08:00
danh-arm
f9a050e41b Merge pull request #969 from Summer-ARM/sq/update-doc
Update the path for firmware_image_package.h in firmware-design.md
2017-06-06 13:39:58 +01:00
danh-arm
b32e6b2b35 Merge pull request #963 from soby-mathew/sm/scmi_dev
Add SCMI power domain and system power protocol support
2017-06-05 14:42:59 +01:00
danh-arm
c66f4adee3 Merge pull request #961 from jeenu-arm/gic-600
Introduce ARM GIC-600 driver
2017-06-05 14:41:31 +01:00
Soby Mathew
c04a3b6c18 CSS: Add SCMI driver for SCP
This patch adds the SCMI driver for communicating with SCP. The power
domain management and system power management protocol of the SCMI
specification[1] is implemented in the driver. The SCP power management
abstraction layer for SCMI for CSS power management is also added.

A new buid option `CSS_USE_SCMI_DRIVER` is introduced to select SCMI
driver over SCPI.

[1] ARM System Control and Management Interface v1.0 (SCMI)
Document number: ARM DEN 0056A

Change-Id: I67265615a17e679a2afe810b9b0043711ba09dbb
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
2017-06-05 13:32:17 +01:00
Summer Qin
175bc85eee Update the path for firmware_image_package.h in firmware-design.md
Change-Id: Ic0a9b3c6d212e7171b37f944e11f079282dcce87
Signed-off-by: Summer Qin <summer.qin@arm.com>
2017-06-02 14:54:18 +08:00
Antonio Nino Diaz
9d6fc3c321 FWU: Introduce FWU_SMC_IMAGE_RESET
This SMC is as a means for the image loading state machine to go from
COPYING, COPIED or AUTHENTICATED states to RESET state. Previously, this
was only done when the authentication of an image failed or when the
execution of the image finished.

Documentation updated.

Change-Id: Ida6d4c65017f83ae5e27465ec36f54499c6534d9
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2017-06-01 14:52:12 +01:00
Antonio Nino Diaz
128daee298 FWU: Check for overlaps when loading images
Added checks to FWU_SMC_IMAGE_COPY to prevent loading data into a
memory region where another image data is already loaded.

Without this check, if two images are configured to be loaded in
overlapping memory regions, one of them can be loaded and
authenticated and the copy function is still able to load data from
the second image on top of the first one. Since the first image is
still in authenticated state, it can be executed, which could lead to
the execution of unauthenticated arbitrary code of the second image.

Firmware update documentation updated.

Change-Id: Ib6871e569794c8e610a5ea59fe162ff5dcec526c
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2017-06-01 14:52:11 +01:00
Antonio Nino Diaz
79eb1aff78 Remove DISABLE_PEDANTIC build option
It doesn't make sense to use the `-pedantic` flag when building the
Trusted Firmware as we use GNU extensions and so our code is not
fully ISO C compliant. This flag only makes sense if the code intends to
be ISO C compliant.

Change-Id: I6273564112759ff57f03b273f5349733a5f38aef
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2017-06-01 13:25:51 +01:00
Jeenu Viswambharan
e1c59ab3f1 Introduce ARM GIC-600 driver
ARM GIC-600 IP complies with ARM GICv3 architecture, but among others,
implements a power control register in the Redistributor frame. This
register must be programmed to mark the frame as powered on, before
accessing other registers in the frame. Rest of initialization sequence
remains the same.

The driver provides APIs for Redistributor power management, and
overrides those in the generic GICv3 driver. The driver data is shared
between generic GICv3 driver and that of GIC-600.

For FVP platform, the GIC-600 driver is chosen when FVP_USE_GIC_DRIVER
is set to FVP_GIC600. Also update user guide.

Change-Id: I321b2360728d69f6d4b0a747b2cfcc3fe5a20d67
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-06-01 11:44:56 +01:00
davidcunado-arm
572e141327 Merge pull request #949 from antonio-nino-diaz-arm/an/printf-memory
Reduce code size when building with Trusted Board Boot enabled
2017-05-30 10:56:47 +01:00
Haojian Zhuang
3d3b02d942 hikey: add hikey support
Add the description on hikey and how to build.

Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
2017-05-24 17:34:41 +01:00
dp-arm
8237708368 docs: Add note on how to build TF using clang or armclang
Change-Id: I92fd2fb920fcfc31bfcdadae787d8c84c5ca463b
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
2017-05-24 14:24:49 +01:00
danh-arm
e715e676e3 Merge pull request #938 from masahir0y/tools_share
Collect headers shared between TF and host-tools into include/tools_share
2017-05-24 14:20:20 +01:00
Antonio Nino Diaz
d77b98cabf mbedtls: Use MBEDTLS_SHA256_SMALLER in ARM platforms
This options enables an implementation of SHA-256 that has a smaller
code footprint (~1.6 KB less) but is also ~30% slower. For ARM
platforms, code size is currently considered more important than
execution speed in the mbed TLS crypto module.

Added a small note about this option to the documentation of the
authentication framework.

Change-Id: I4c0b221ea5d3466465261316ba07b627fa01b233
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2017-05-24 14:17:02 +01:00
Masahiro Yamada
bb41eb7a9d cert: move platform_oid.h to include/tools_share for all platforms
Platforms aligned with TBBR are supposed to use their own OIDs, but
defining the same macros with different OIDs does not provide any
value (at least technically).

For easier use of TBBR, this commit allows platforms to reuse the OIDs
obtained by ARM Ltd.  This will be useful for non-ARM vendors that
do not need their own extension fields in their certificate files.

The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h

Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by
defining USE_TBBR_DEFS as 1.  USE_TBBR_DEFS is 0 by default to keep the
backward compatibility.

For clarification, I inserted a blank line between headers from the
include/ directory (#include <...>) and ones from a local directory
(#include "..." ).

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-05-24 00:08:35 +09:00
danh-arm
c1de3fdd32 Merge pull request #947 from davidcunado-arm/dc/update_userguide
Migrate to Linaro Release 17.01
2017-05-22 15:31:37 +01:00
David Cunado
218888dee8 Migrate to Linaro Release 17.01
This Linaro release updates just the binaries:

Linaro binaries upgraded 16.12 --> 17.01

The toolchain remains at 5.3-2015.05 (gcc 5.3) for both AArch64
and AArch32.

The ARM TF codebase has been tested against these new binaries. This patch
updates the User Guide to reflect that the 17.01 release is now a supported
Linaro Release.

Change-Id: I83c579dabd3fa9861ba0d41507036efbd87abcb5
Signed-off-by: David Cunado <david.cunado@arm.com>
2017-05-19 10:50:54 +01:00
Antonio Nino Diaz
0da2fe7e29 Simplify assert() to reduce memory usage
The behaviour of assert() now depends on the value of the new optional
platform define `PLAT_LOG_LEVEL_ASSERT`. This defaults to `LOG_LEVEL` if
not defined by the platform.

- If `PLAT_LOG_LEVEL_ASSERT` >= `LOG_LEVEL_VERBOSE`, it prints the file
  name, line and asserted expression.
- If `PLAT_LOG_LEVEL_ASSERT` >= `LOG_LEVEL_INFO`, it prints the file
  name and line.
- If not, it doesn't print anything.

Note the old behaviour was to print the function name whereas now it
prints the file name. This reduces memory usage because the file name is
shared between all assert calls in a given file. Also, the default
behaviour in debug builds is to no longer print the asserted expression,
greatly reducing the string usage.

For FVP debug builds this change saves approximately:

              No TBBR    TBBR
        BL1    1.6 KB   2.2 KB
        BL2    1.7 KB   2.1 KB
        BL31   2.6 KB   3.3 KB

Change-Id: I2947569d593df0b25611dc3c7a6096f42155c115
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2017-05-16 09:58:08 +01:00
davidcunado-arm
f67c66311e Merge pull request #928 from davidcunado-arm/dc/update_userguide
Update AEM and Cortex Models versions
2017-05-11 16:05:07 +01:00
davidcunado-arm
d6104f5ab4 Merge pull request #927 from jeenu-arm/state-switch
Execution state switch
2017-05-11 16:04:52 +01:00
David Cunado
b9ecb21676 Update AEM and Cortex Models versions
AEMv8-A Model release v8.4 has been made available and Trusted Firmware
has been tested against these versions as part of its CI system. This
patch updates the user guide documentation to reflect the version of AEM
and Cortex Models that Trusted Firmware has been tested against.

Additionally, ARM FVPs FVP_Base_Cortex-A57x1-A53x1 and
FVP_Base_Cortex-A57x2-A53x4 are removed from the list of tested FVPs
as they are currently not being tested with the latest version of ARM
Trusted Firmware.

Also, documentation and links to Linaro pages have been updated to
reflect the changes in the ARM community document hosting.

Change-Id: Idae97303ce0929c82b137017de84ce94678f6f2b
Signed-off-by: David Cunado <david.cunado@arm.com>
2017-05-05 11:31:13 +01:00
Jeenu Viswambharan
b10d44995e Introduce ARM SiP service to switch execution state
In AArch64, privileged exception levels control the execution state
(a.k.a. register width) of the immediate lower Exception Level; i.e.
whether the lower exception level executes in AArch64 or AArch32 state.
For an exception level to have its execution state changed at run time,
it must request the change by raising a synchronous exception to the
higher exception level.

This patch implements and adds such a provision to the ARM SiP service,
by which an immediate lower exception level can request to switch its
execution state. The execution state is switched if the request is:

  - raised from non-secure world;

  - raised on the primary CPU, before any secondaries are brought online
    with CPU_ON PSCI call;

  - raised from an exception level immediately below EL3: EL2, if
    implemented; otherwise NS EL1.

If successful, the SMC doesn't return to the caller, but to the entry
point supplied with the call. Otherwise, the caller will observe the SMC
returning with STATE_SW_E_DENIED code. If ARM Trusted Firmware is built
for AArch32, the feature is not supported, and the call will always
fail.

For the ARM SiP service:

  - Add SMC function IDs for both AArch32 and AArch64;
  - Increment the SiP service minor version to 2;
  - Adjust the number of supported SiP service calls.

Add documentation for ARM SiP service.

Fixes ARM-software/tf-issues#436

Change-Id: I4347f2d6232e69fbfbe333b340fcd0caed0a4cea
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-05-04 11:00:34 +01:00
David Cunado
16292f5481 Update terminology: standard SMC to yielding SMC
Since Issue B (November 2016) of the SMC Calling Convention document
standard SMC calls are renamed to yielding SMC calls to help avoid
confusion with the standard service SMC range, which remains unchanged.

http://infocenter.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pdf

This patch adds a new define for yielding SMC call type and deprecates
the current standard SMC call type. The tsp is migrated to use this new
terminology and, additionally, the documentation and code comments are
updated to use this new terminology.

Change-Id: I0d7cc0224667ee6c050af976745f18c55906a793
Signed-off-by: David Cunado <david.cunado@arm.com>
2017-04-26 12:58:52 +01:00
davidcunado-arm
e83b5fdc7a Merge pull request #898 from soby-mathew/sm/dcache-early
PSCI: Build option to enable D-Caches early in warmboot
2017-04-21 11:45:53 +01:00
davidcunado-arm
228bfabaf8 Merge pull request #903 from antonio-nino-diaz-arm/an/build-xlat-v1
ARM platforms: Add option to use xlat tables lib v1
2017-04-21 09:40:25 +01:00
Antonio Nino Diaz
044bb2faab Remove build option ASM_ASSERTION
The build option `ENABLE_ASSERTIONS` should be used instead. That way
both C and ASM assertions can be enabled or disabled together.

All occurrences of `ASM_ASSERTION` in common code and ARM platforms have
been replaced by `ENABLE_ASSERTIONS`.

ASM_ASSERTION has been removed from the user guide.

Change-Id: I51f1991f11b9b7ff83e787c9a3270c274748ec6f
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2017-04-20 09:58:28 +01:00
Antonio Nino Diaz
cc8b56322b Add ENABLE_ASSERTIONS build option
Add the new build option `ENABLE_ASSERTIONS` that controls whether or
not assert functions are compiled out. It defaults to 1 for debug builds
and to 0 for release builds.

Additionally, a following patch will be done to allow this build option
to hide auxiliary code used for the checks done in an `assert()`. This
code is is currently under the DEBUG build flag.

Assert messages are now only printed if LOG_LEVEL >= LOG_LEVEL_INFO,
which is the default for debug builds.

This patch also updates the User Guide.

Change-Id: I1401530b56bab25561bb0f274529f1d12c5263bc
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2017-04-19 16:00:53 +01:00
Soby Mathew
bcc3c49c90 PSCI: Build option to enable D-Caches early in warmboot
This patch introduces a build option to enable D-cache early on the CPU
after warm boot. This is applicable for platforms which do not require
interconnect programming to enable cache coherency (eg: single cluster
platforms). If this option is enabled, then warm boot path enables
D-caches immediately after enabling MMU.

Fixes ARM-Software/tf-issues#456

Change-Id: I44c8787d116d7217837ced3bcf0b1d3441c8d80e
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
2017-04-19 12:07:05 +01:00
Antonio Nino Diaz
3b211ff571 ARM platforms: Add option to use xlat tables lib v1
ARM platforms have migrated to the translation tables library v2.
However, for testing purposes, it can be useful to temporarily switch
back to the old version.

This patch introduces the option `ARM_XLAT_TABLES_LIB_V1`, that switches
to v1 of the library when is set to 1. By default, it is 0, so that ARM
platforms use the new version unless specifically stated.

Updated User Guide.

Change-Id: I53d3c8dd97706f6af9c6fca0364a88ef341efd31
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2017-04-19 11:56:08 +01:00
davidcunado-arm
f07d3985b8 Merge pull request #885 from antonio-nino-diaz-arm/an/console-flush
Implement console_flush()
2017-04-12 22:23:44 +01:00
davidcunado-arm
ed7562521b Merge pull request #886 from dp-arm/dp/stack-protector
Add support for GCC stack protection
2017-04-06 10:20:47 +01:00