Commit Graph

1723 Commits

Author SHA1 Message Date
David Cunado
e361cf3b51 Migrate to Linaro Release 16.12
This Linaro release updates both the binaries and the toolchain:
Linaro binaries upgraded 16.06 --> 16.12
AArch64 compiler upgraded 15.05 (gcc 4.9) --> 5.3-2015.05 (gcc 5.3)
AArch32 compiler upgraded 15.05 (gcc 4.9) --> 5.3-2015.05 (gcc 5.3)

The ARM TF codebase has been tested against these new binaries. This patch
updates the User Guide to reflect that the 16.12 release is now a supported
Linaro Release.

Change-Id: I6247e820f591df7d05df4f622ee45a3abf2c2d72
Signed-off-by: David Cunado <david.cunado@arm.com>
2017-02-13 17:26:24 +00:00
davidcunado-arm
4d07e7821e Merge pull request #836 from davidcunado-arm/dc/update_userguide
Update AEM and Cortex Models versions
2017-02-13 11:15:02 +00:00
David Cunado
dbd1ab8e90 Update AEM and Cortex Models versions
AEMv8-A Model release v8.2 has been made available and Trusted Firmware
has been tested against these versions as part of its CI system. This
patch updates the user guide documentation to reflect the version of AEM
and Cortex Models that Trusted Firmware has been tested against.

Also, the Linaro Release Notes link was broken and this patch updates the
link.

Change-Id: I88729cef909a69fff629036f480fd6168ad7dc9a
Signed-off-by: David Cunado <david.cunado@arm.com>
2017-02-10 15:28:16 +00:00
danh-arm
bab16f9912 Merge pull request #831 from masahir0y/zynqmp
zynqmp: remove RESET_TO_BL31=1 from build instruction
2017-02-07 15:15:03 +00:00
danh-arm
7c202689cd Merge pull request #830 from masahir0y/misc
gitignore: ignore GNU GLOBAL tag files
2017-02-06 16:13:32 +00:00
danh-arm
6135922c77 Merge pull request #827 from dp-arm/dp/pmf-constants
PMF: Fixup PMF constants
2017-02-06 16:12:13 +00:00
Masahiro Yamada
4fff02c629 zynqmp: remove RESET_TO_BL31=1 from build instruction
RESET_TO_BL31=1 is specified by plat/xilinx/zynqmp/platform.mk with
"override" directive.  So, RESET_TO_BL31=1 is guaranteed without any
operation on users' side.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-02-06 17:59:58 +09:00
Masahiro Yamada
a53fe69263 gitignore: ignore GNU GLOBAL tag files
GNU GLOBAL (https://www.gnu.org/software/global/) is source code
tagging system.  It creates 4 tag files (GTAGS, GRTAGS, GSYMS and
GPATH) for the symbol cross-reference.  Ignore them.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-02-03 13:00:28 +09:00
dp-arm
888037e5c8 PMF: Fixup PMF constants
`PMF_ARM_TIF_IMPL_ID` should be set to 0x41.  The code already left
shifts it by 24 bit positions so this was overflowing.

This fixes a build error with GCC 6.2 when
`ENABLE_RUNTIME_INSTRUMENTATION` is set.

Change-Id: I4c99d48ea7ce3d76e9edd1325b1979994db2c0fb
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
2017-02-02 13:48:11 +00:00
danh-arm
bcc2bf0977 Merge pull request #821 from jeenu-arm/errata-printing
Errata printing infrastructure
2017-01-31 15:40:20 +00:00
danh-arm
474d4eca1c Merge pull request #799 from masahir0y/fiptool
fiptool: Alignment support + misc refactoring
2017-01-31 15:39:19 +00:00
danh-arm
e9ced6f291 Merge pull request #825 from dp-arm/dp/simplify-cond
tbbr: Simplify conditional
2017-01-31 15:38:19 +00:00
danh-arm
bac75297ad Merge pull request #823 from douglas-raillard-arm/dr/add_fno_builtin
Add -fno-builtin to CFLAGS
2017-01-31 15:37:26 +00:00
danh-arm
f2590d6195 Merge pull request #822 from jeenu-arm/fix-fvp-refs
user-guide.md: Fix FVP references
2017-01-31 11:10:46 +00:00
danh-arm
424ad49117 Merge pull request #819 from davidcunado-arm/dc/build_with_gcc6.2
Resolve build errors flagged by GCC 6.2
2017-01-31 11:09:27 +00:00
dp-arm
f3ded3782c tbbr: Simplify conditional
These are equivalent so use the reduced form.

Change-Id: I40ca097411b9abab69985b8e4dbccf7582eae49e
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
2017-01-31 10:55:04 +00:00
Jeenu Viswambharan
10bcd76157 Report errata workaround status to console
The errata reporting policy is as follows:

  - If an errata workaround is enabled:

    - If it applies (i.e. the CPU is affected by the errata), an INFO
      message is printed, confirming that the errata workaround has been
      applied.

    - If it does not apply, a VERBOSE message is printed, confirming
      that the errata workaround has been skipped.

  - If an errata workaround is not enabled, but would have applied had
    it been, a WARN message is printed, alerting that errata workaround
    is missing.

The CPU errata messages are printed by both BL1 (primary CPU only) and
runtime firmware on debug builds, once for each CPU/errata combination.

Relevant output from Juno r1 console when ARM Trusted Firmware is built
with PLAT=juno LOG_LEVEL=50 DEBUG=1:

  VERBOSE: BL1: cortex_a57: errata workaround for 806969 was not applied
  VERBOSE: BL1: cortex_a57: errata workaround for 813420 was not applied
  INFO:    BL1: cortex_a57: errata workaround for disable_ldnp_overread was applied
  WARNING: BL1: cortex_a57: errata workaround for 826974 was missing!
  WARNING: BL1: cortex_a57: errata workaround for 826977 was missing!
  WARNING: BL1: cortex_a57: errata workaround for 828024 was missing!
  WARNING: BL1: cortex_a57: errata workaround for 829520 was missing!
  WARNING: BL1: cortex_a57: errata workaround for 833471 was missing!
  ...
  VERBOSE: BL31: cortex_a57: errata workaround for 806969 was not applied
  VERBOSE: BL31: cortex_a57: errata workaround for 813420 was not applied
  INFO:    BL31: cortex_a57: errata workaround for disable_ldnp_overread was applied
  WARNING: BL31: cortex_a57: errata workaround for 826974 was missing!
  WARNING: BL31: cortex_a57: errata workaround for 826977 was missing!
  WARNING: BL31: cortex_a57: errata workaround for 828024 was missing!
  WARNING: BL31: cortex_a57: errata workaround for 829520 was missing!
  WARNING: BL31: cortex_a57: errata workaround for 833471 was missing!
  ...
  VERBOSE: BL31: cortex_a53: errata workaround for 826319 was not applied
  INFO:    BL31: cortex_a53: errata workaround for disable_non_temporal_hint was applied

Also update documentation.

Change-Id: Iccf059d3348adb876ca121cdf5207bdbbacf2aba
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-01-30 14:53:19 +00:00
Jeenu Viswambharan
b38bc68b9e Allow spin locks to be defined from assembly
At present, spin locks can only defined from C files. Add some macros
such that they can be defined from assembly files too.

Change-Id: I64f0c214062f5c15b3c8b412c7f25c908e87d970
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-01-30 14:53:17 +00:00
Douglas Raillard
e507f8e7fe Add -fno-builtin to CFLAGS
Disable the automatic substitution of functions with builtins. The
existing -ffreestanding option should already do this but explicitly
adding -fno-builtin reduces the risk of compiler variation. With this
option, GCC is not supposed to be able to make assumptions on what the
function does, which could otherwise lead to security-sensitive code
removal.

This can lead to potentially less efficient code but improves
predictability of what code is actually compiled into the binary.

Change-Id: I06ad151c61318bd1b00d84976f051d2d94314acc
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
2017-01-30 13:42:26 +00:00
Masahiro Yamada
1c75d5dfb0 fiptool: support --align option to add desired alignment to image offset
The current fiptool packs all the images without any padding between
them.  So, the offset to each image has no alignment.  This is not
efficient, for example, when the FIP is read from a block-oriented
device.

For example, (e)MMC is accessed by block-addressing.  The block size
is 512 byte.  So, the best case is each image is aligned by 512 byte
since the DMA engine can transfer the whole of the image to its load
address directly.  The worst case is the offset does not have even
DMA-capable alignment (this is where we stand now).  In this case,
we need to transfer every block to a bounce buffer, then do memcpy()
from the bounce buffer to our final destination.  At least, this
should work with the abstraction by the block I/O layer, but the
CPU-intervention for the whole data transfer makes it really slow.

This commit adds a new option --align to the fiptool.  This option,
if given, requests the tool to align each component in the FIP file
by the specified byte.  Also, add a new Make option FIP_ALIGN for
easier access to this feature; users can give something like
FIP_ALIGN=512 from the command line, or add "FIP_ALIGN := 512" to
their platform.mk file.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-01-28 14:47:44 +09:00
Masahiro Yamada
65caa3d0ad fiptool: embed fip_toc_entry in struct image
The struct image has "uuid" and "size" to memorize the field values
they had in the TOC entry.  So, parse_fip() copies them from struct
fip_toc_entry to struct image, then pack_images() copies them back
to struct fip_toc_entry.

The next commit (support --align option) will require to save the
"offset" field as well.  This makes me realize that struct image
can embed struct fip_toc_entry.

This commit will allow the "flags" field to persevere the "update"
command.  At this moment, the "flags" is not used in a useful way.
(Yet, platforms can save their own parameters in the flags field.)
It makes sense to save it unless users explicitly replace the image.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-01-28 14:44:21 +09:00
Masahiro Yamada
a1da83f5fc fiptool: add xfwrite() helper
We have same patterns for fwrite().

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-01-27 15:04:31 +09:00
Masahiro Yamada
4f96a49843 fiptool: fix the global option in usage
The global option --verbose should come after the "fiptool".

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-01-27 15:03:46 +09:00
Masahiro Yamada
ee07932080 fiptool: simplify the top line of command usage
We need not mention like [--force], [--out <path>] because they are
included in [opts].

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-01-27 15:03:46 +09:00
Masahiro Yamada
9e866d34ed fiptool: refactor remove_image()
We need not handle the image_head as a special case.  Just use
a double-pointer to simplify the traverse.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-01-27 15:03:46 +09:00
Masahiro Yamada
e9e0d2877f fiptool: simplify assert() for add_image(_desc)
lookup_image(_desc)_from_uuid() traverses the linked list, so it
is not efficient.  We just want to make sure *p points to NULL here.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-01-27 15:03:18 +09:00
Masahiro Yamada
ea39d557ae fiptool: revive replace_image() to keep the image order by update command
Commit e0f083a09b ("fiptool: Prepare ground for expanding the set
of images at runtime") introduced another side effect; the "update"
command now changes the image order in the FIP.

Let's say you have an FIP with BL2, BL31, BL32, BL33.  If you update
for example, BL32 with the "update" command, you will get a new FIP
with BL2, BL31, BL33, BL32, in this order.

It happens like this; remove_image() removes the old image from the
linked list, add_image() adds the new image at the tail of the list,
then images are packed in the new order.  Prior to that commit,
images were updated by replace_image(), but it was deleted by the
re-work.  Revive replace_image() that is re-implemented to work with
the linked list.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-01-27 15:01:23 +09:00
Masahiro Yamada
67973fb4f7 fiptool: remove always true conditional
The conditional

  if (desc != NULL)
          ...

is always true here because we assert it 6 lines above:

  assert(desc != NULL);

Remove the if-conditional and concatenate the printf() calls.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-01-27 13:21:21 +09:00
Masahiro Yamada
40866aaf1c fiptool: fix existence check of FIP input file for update command
This line should check the existence of the input file, but it is
actually checking the output file.  When -o option is given to the
"update" command, the outfile is unlikely to exist, then parse_fip()
is skipped and an empty FIP file is output.  This is wrong behavior.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-01-27 13:21:21 +09:00
danh-arm
c38b36d8a0 Merge pull request #814 from freedomtan/patches-for-8173-crbook-osi-0110
Patches for 8173 crbook
2017-01-26 14:50:34 +00:00
Jeenu Viswambharan
186cbd0815 user-guide.md: Fix FVP references
The current user guide mentions that Foundation model doesn't support
debugger interface. Clarify that all FVPs support --cadi-server option
such that a CADI-compliant debugger can connect to and control model
execution.

Also fix broken URL to FVP home page.

Change-Id: Ia14d618a4e0abb4b228eb1616040f9b51fb3f6f9
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-01-26 14:20:22 +00:00
David Cunado
9edac0479d Resolve build errors flagged by GCC 6.2
With GCC 6.2 compiler, more C undefined behaviour is being flagged as
warnings, which result in build errors in ARM TF build.

The specific issue that this patch resolves is the use of (1 << 31),
which is predominantly used in case statements, where 1 is represented
as a signed int. When shifted to msb the behaviour is undefined.

The resolution is to specify 1 as an unsigned int using a convenience
macro ULL(). A duplicate macro MAKE_ULL() is replaced.

Fixes ARM-software/tf-issues#438

Change-Id: I08e3053bbcf4c022ee2be33a75bd0056da4073e1
Signed-off-by: David Cunado <david.cunado@arm.com>
2017-01-26 13:47:37 +00:00
danh-arm
d7aa7b44d6 Merge pull request #817 from antonio-nino-diaz-arm/an/timingsafe
Import constant-time bcmp() and use it where necessary
2017-01-24 16:30:55 +00:00
Antonio Nino Diaz
b621fb503c tbbr: Use constant-time bcmp() to compare hashes
To avoid timing side-channel attacks, it is needed to use a constant
time memory comparison function when comparing hashes. The affected
code only cheks for equality so it isn't needed to use any variant of
memcmp(), bcmp() is enough.

Also, timingsafe_bcmp() is as fast as memcmp() when the two compared
regions are equal, so this change incurrs no performance hit in said
case. In case they are unequal, the boot sequence wouldn't continue as
normal, so performance is not an issue.

Change-Id: I1c7c70ddfa4438e6031c8814411fef79fd3bb4df
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2017-01-24 14:42:13 +00:00
Antonio Nino Diaz
aa050a7bdb stdlib: Import timingsafe_bcmp() from FreeBSD
Some side-channel attacks involve an attacker inferring something from
the time taken for a memory compare operation to complete, for example
when comparing hashes during image authentication. To mitigate this,
timingsafe_bcmp() must be used for such operations instead of the
standard memcmp().

This function executes in constant time and so doesn't leak any timing
information to the caller.

Change-Id: I470a723dc3626a0ee6d5e3f7fd48d0a57b8aa5fd
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2017-01-24 14:42:12 +00:00
danh-arm
34438669d4 Merge pull request #818 from sandrine-bailleux-arm/sb/strnlen
Add strnlen() to local C library
2017-01-24 14:28:19 +00:00
Sandrine Bailleux
d67879d311 Add strnlen() to local C library
This code has been imported and slightly adapted from FreeBSD:
6253393ad8/lib/libc/string/strnlen.c

Change-Id: Ie5ef5f92e6e904adb88f8628077fdf1d27470eb3
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
2017-01-24 10:28:41 +00:00
Koan-Sin Tan
201d535ff6 Remove use of all deprecated APIs
Now it's possbile to build BL31 for MT8173 with ERROR_DEPRECATED=1.

Signed-off-by: Koan-Sin Tan <koansin.tan@gmail.com>
2017-01-24 10:50:14 +08:00
Koan-Sin Tan
8bc20038af Get rid of use of old GIC APIs
Signed-off-by: Koan-Sin Tan <koansin.tan@gmail.com>
2017-01-24 10:50:14 +08:00
Koan-Sin Tan
9cfd83e95f Add support of PSCI_EXTENDED_STATE_ID to MT8173
Signed-off-by: Koan-Sin Tan <koansin.tan@gmail.com>
2017-01-24 10:50:14 +08:00
Koan-Sin Tan
3fc26aa093 Get rid of use of compatibility API
make 'make ARCH=aarch64 CROSS_COMPILE=aarch64-linux-gnu- PLAT=mt8173
ENABLE_PLAT_COMPAT=0' work.

Change-Id: I13f35d8aef23dfa0e65883fa0be43f1513c9fef5
Signed-off-by: Koan-Sin Tan <koansin.tan@gmail.com>
2017-01-24 10:50:14 +08:00
danh-arm
4abd2225c2 Merge pull request #800 from masahir0y/ifdef
Correct preprocessor conditionals
2017-01-23 16:49:43 +00:00
danh-arm
e02be20722 Merge pull request #815 from hzhuang1/dwmmc_v3.9
drivers: add designware emmc driver
2017-01-23 16:47:55 +00:00
Masahiro Yamada
6af03f9c45 Use #ifdef for AARCH32 instead of #if
One nasty part of ATF is some of boolean macros are always defined
as 1 or 0, and the rest of them are only defined under certain
conditions.

For the former group, "#if FOO" or "#if !FOO" must be used because
"#ifdef FOO" is always true.  (Options passed by $(call add_define,)
are the cases.)

For the latter, "#ifdef FOO" or "#ifndef FOO" should be used because
checking the value of an undefined macro is strange.

For AARCH32/AARCH64, these macros are defined in the top-level
Makefile as follows:

ifeq (${ARCH},aarch32)
        $(eval $(call add_define,AARCH32))
else
        $(eval $(call add_define,AARCH64))
endif

This means only one of the two is defined.  So, AARCH32/AARCH64
belongs to the latter group where we should use #ifdef or #ifndef.
The conditionals are mostly coded correctly, but I see some mistakes.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-01-24 01:01:21 +09:00
Masahiro Yamada
3d8256b2a1 Use #ifdef for IMAGE_BL* instead of #if
One nasty part of ATF is some of boolean macros are always defined
as 1 or 0, and the rest of them are only defined under certain
conditions.

For the former group, "#if FOO" or "#if !FOO" must be used because
"#ifdef FOO" is always true.  (Options passed by $(call add_define,)
are the cases.)

For the latter, "#ifdef FOO" or "#ifndef FOO" should be used because
checking the value of an undefined macro is strange.

Here, IMAGE_BL* is handled by make_helpers/build_macro.mk like
follows:

  $(eval IMAGE := IMAGE_BL$(call uppercase,$(3)))

  $(OBJ): $(2)
          @echo "  CC      $$<"
          $$(Q)$$(CC) $$(TF_CFLAGS) $$(CFLAGS) -D$(IMAGE) -c $$< -o $$@

This means, IMAGE_BL* is defined when building the corresponding
image, but *undefined* for the other images.

So, IMAGE_BL* belongs to the latter group where we should use #ifdef
or #ifndef.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2017-01-24 01:01:21 +09:00
danh-arm
7750990cfe Merge pull request #808 from masahir0y/build_fix
Fix parallel building
2017-01-23 14:44:27 +00:00
Haojian Zhuang
5dbdb7da1c drivers: add designware emmc driver
Support Designware eMMC driver. It's based on both IO block
and eMMC driver.

Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
2017-01-23 22:08:45 +08:00
danh-arm
bf6363acd4 Merge pull request #810 from masahir0y/fiptool_fix
Fix fiptool bug introduced by recent rework
2017-01-23 12:00:50 +00:00
danh-arm
7b94e4b9d2 Merge pull request #813 from antonio-nino-diaz-arm/an/libfdt
Update libfdt to version 1.4.2
2017-01-23 11:42:46 +00:00
danh-arm
23beccc9f7 Merge pull request #812 from antonio-nino-diaz-arm/an/clear-static-vars
Clear static variables in X509 parser on error
2017-01-23 11:39:17 +00:00