2020-06-19 |
TF-A: Add ARMv8.5 'bti' build option
...
This patch adds BRANCH_PROTECTION = 4 'bti' build option
which turns on branch target identification mechanism.
Change-Id: I32464a6b51726a100519f449a95aea5331f0e82d
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Alexei Fedorov
committed
on 19 Jun 2020
|
2020-06-12 |
Prevent RAS register access from lower ELs
...
This patch adds a build config 'RAS_TRAP_LOWER_EL_ERR_ACCESS' to set
SCR_EL3.TERR during CPU boot. This bit enables trapping RAS register
accesses from EL1 or EL2 to EL3.
RAS_TRAP_LOWER_EL_ERR_ACCESS is disabled by default.
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Change-Id: Ifb0fb0afedea7dd2a29a0b0491a1161ecd241438
Varun Wadekar
committed
on 12 Jun 2020
|
2020-06-09 |
Merge "GICv3: GIC-600: Detect GIC-600 at runtime" into integration
Madhukar Pappireddy
authored
on 9 Jun 2020
TrustedFirmware Code Review
committed
on 9 Jun 2020
|
plat/fvp: Add support for dynamic description of secure interrupts
...
Using the fconf framework, the Group 0 and Group 1 secure interrupt
descriptors are moved to device tree and retrieved in runtime. This
feature is enabled by the build flag SEC_INT_DESC_IN_FCONF.
Change-Id: I360c63a83286c7ecc2426cd1ff1b4746d61e633c
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Madhukar Pappireddy
committed
on 9 Jun 2020
|
GICv3: GIC-600: Detect GIC-600 at runtime
...
The only difference between GIC-500 and GIC-600 relevant to TF-A is the
differing power management sequence.
A certain GIC implementation is detectable at runtime, for instance by
checking the IIDR register. Let's add that test before initiating the
GIC-600 specific sequence, so the code can be used on both GIC-600 and
GIC-500 chips alike, without deciding on a GIC chip at compile time.
This means that the GIC-500 "driver" is now redundant. To allow minimal
platform support, add a switch to disable GIC-600 support.
Change-Id: I17ea97d9fb05874772ebaa13e6678b4ba3415557
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara
authored
on 25 Mar 2020
Madhukar Pappireddy
committed
on 9 Jun 2020
|
2020-05-15 |
plat/arm/fvp: Support performing SDEI platform setup in runtime
...
This patch introduces dynamic configuration for SDEI setup and is supported
when the new build flag SDEI_IN_FCONF is enabled. Instead of using C arrays
and processing the configuration at compile time, the config is moved to
dts files. It will be retrieved at runtime during SDEI init, using the fconf
layer.
Change-Id: If5c35a7517ba00a9f258d7f3e7c8c20cee169a31
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Co-authored-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Balint Dobszay
authored
on 18 Dec 2019
Madhukar Pappireddy
committed
on 15 May 2020
|
2020-05-14 |
Implement workaround for AT speculative behaviour
...
During context switching from higher EL (EL2 or higher)
to lower EL can cause incorrect translation in TLB due to
speculative execution of AT instruction using out-of-context
translation regime.
Workaround is implemented as below during EL's (EL1 or EL2)
"context_restore" operation:
1. Disable page table walk using SCTLR.M and TCR.EPD0 & EPD1
bits for EL1 or EL2 (stage1 and stage2 disabled)
2. Save all system registers except TCR and SCTLR (for EL1 and EL2)
3. Do memory barrier operation (isb) to ensure all
system register writes are done.
4. Restore TCR and SCTLR registers (for EL1 and EL2)
Errata details are available for various CPUs as below:
Cortex-A76: 1165522
Cortex-A72: 1319367
Cortex-A57: 1319537
Cortex-A55: 1530923
Cortex-A53: 1530924
More details can be found in mail-chain:
https://lists.trustedfirmware.org/pipermail/tf-a/2020-April/000445.html
Currently, Workaround is implemented as build option which is default
disabled.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: If8545e61f782cb0c2dda7ffbaf50681c825bd2f0
Manish V Badarkhe
authored
on 27 Apr 2020
Manish V Badarkhe
committed
on 14 May 2020
|
2020-04-16 |
doc: Set fconf as experimental feature
...
Following the messages on the mailing list regarding the possible issue around
reading DTB's information, we decided to flag the fconf feature as experimental.
A uniform approach should be used to handle properties miss and DTB validation.
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Change-Id: Ib3c86e81fb2e89452c593f68d825d3d8f505e1fb
Louis Mayencourt
committed
on 16 Apr 2020
|
2020-04-07 |
TF-A: Add GICv4 extension for GIC driver
...
This patch adds support for GICv4 extension.
New `GIC_ENABLE_V4_EXTN` option passed to gicv3.mk makefile
was added, and enables GICv4 related changes when set to 1.
This option defaults to 0.
Change-Id: I30ebe1b7a98d3a54863900f37eda4589c707a288
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Alexei Fedorov
committed
on 7 Apr 2020
|
2020-04-06 |
TF-A GICv3 driver: Add extended PPI and SPI range
...
This patch provides support for GICv3.1 extended PPI and SPI
range. The option is enabled by setting to 1 and passing
`GIC_EXT_INTID` build flag to gicv3.mk makefile.
This option defaults to 0 with no extended range support.
Change-Id: I7d09086fe22ea531c5df51a8a1efd8928458d394
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Alexei Fedorov
committed
on 6 Apr 2020
|
2020-04-01 |
Enable MTE support
...
Enable MTE support by adding memory tag option in Makefile
This option is available only when ARMv8.5-MemTag is implemented
MTE options are added in latest clang and armclang compiler which
support below options:
for clang <version 11.0.0>
1. -march=arm8.5-a+memtag
2. -fsanitize=memtag
for armclang <version 6.12>
1. -march=arm8.5-a+memtag
2. -mmemtag-stack
Set the option SUPPORT_STACK_MEMTAG=yes to enable memory stack tagging.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I4e0bbde4e9769ce03ead6f550158e22f32c1c413
Manish V Badarkhe
authored
on 22 Mar 2020
Sandrine Bailleux
committed
on 1 Apr 2020
|
2020-03-30 |
TF-A GICv3 driver: Introduce makefile
...
This patch moves all GICv3 driver files into new added
'gicv3.mk' makefile for the benefit of the generic driver
which can evolve in the future without affecting platforms.
The patch adds GICv3 driver configuration flags
'GICV3_IMPL', 'GICV3_IMPL_GIC600_MULTICHIP' and
'GICV3_OVERRIDE_DISTIF_PWR_OPS' described in
'GICv3 driver options' section of 'build-option.rst'
document.
NOTE: Platforms with GICv3 driver need to be modified to
include 'drivers/arm/gic/v3/gicv3.mk' in their makefiles.
Change-Id: If055f6770ff20f5dee5a3c99ae7ced7cdcac5c44
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Alexei Fedorov
committed
on 30 Mar 2020
|
2020-03-27 |
Merge "doc: add spm and spmd related build options" into integration
Manish Pandey
authored
on 27 Mar 2020
TrustedFirmware Code Review
committed
on 27 Mar 2020
|
doc: add spm and spmd related build options
...
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I93892dbe76611a7a4b852af3272a0e6271ae037b
Olivier Deprez
committed
on 27 Mar 2020
|
2020-03-16 |
fconf: Clean Arm IO
...
Merge the previously introduced arm_fconf_io_storage into arm_io_storage. This
removes the duplicate io_policies and functions definition.
This patch:
- replace arm_io_storage.c with the content of arm_fconf_io_storage.c
- rename the USE_FCONF_BASED_IO option into ARM_IO_IN_DTB.
- use the ARM_IO_IN_DTB option to compile out io_policies moved in dtb.
- propagate DEFINES when parsing dts.
- use ARM_IO_IN_DTB to include or not uuid nodes in fw_config dtb.
- set the ARM_IO_IN_DTB to 0 by default for fvp. This ensure that the behavior
of fvp stays the same as it was before the introduction of fconf.
Change-Id: Ia774a96d1d3a2bccad29f7ce2e2b4c21b26c080e
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Louis Mayencourt
committed
on 16 Mar 2020
|
2020-03-09 |
docs: Update docs with firmware encryption feature
...
Update documentation with optional firmware encryption feature.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Change-Id: I26691b18e1ee52a73090954260f26f2865c4e05a
Sumit Garg
committed
on 9 Mar 2020
|
2020-03-06 |
drivers: crypto: Add authenticated decryption framework
...
Add framework for autheticated decryption of data. Currently this
patch optionally imports mbedtls library as a backend if build option
"DECRYPTION_SUPPORT = aes_gcm" is set to perform authenticated decryption
using AES-GCM algorithm.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Change-Id: I2966f0e79033151012bf4ffc66f484cd949e7271
Sumit Garg
committed
on 6 Mar 2020
|
2020-02-26 |
Merge "tools: Small improvement to print_memory_map script" into integration
Sandrine Bailleux
authored
on 26 Feb 2020
TrustedFirmware Code Review
committed
on 26 Feb 2020
|
2020-02-20 |
SPMD: generate and add Secure Partition blobs into FIP
...
Till now TF-A allows limited number of external images to be made part
of FIP. With SPM coming along, there may exist multiple SP packages
which need to be inserted into FIP. To achieve this we need a more
scalable approach to feed SP packages to FIP.
This patch introduces changes in build system to generate and add SP
packages into FIP based on information provided by platform.
Platform provides information in form of JSON which contains layout
description of available Secure Partitions.
JSON parser script is invoked by build system early on and generates
a makefile which updates FIP, SPTOOL and FDT arguments which will be
used by build system later on for final packaging.
"SP_LAYOUT_FILE" passed as a build argument and can be outside of TF-A
tree. This option will be used only when SPD=spmd.
For each SP, generated makefile will have following entries
- FDT_SOURCES += sp1.dts
- SPTOOL_ARGS += -i sp1.img:sp1.dtb -o sp1.pkg
- FIP_ARGS += --blob uuid=XXXX-XXX...,file=SP1.pkg
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ib6a9c064400caa3cd825d9886008a3af67741af7
Manish Pandey
committed
on 20 Feb 2020
|
2020-02-14 |
tools: Small improvement to print_memory_map script
...
This patch:
- Add the __COHERENT_RAM_START__ and __COHERENT_RAM_END__ symbols.
- Improve how the symbols are found with a regex.
- Add a build option to revert the memory layout output.
Change-Id: I54ec660261431bc98d78acb0f80e3d95bc5397ac
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Louis Mayencourt
committed
on 14 Feb 2020
|
2020-02-11 |
Merge changes from topic "lm/fconf" into integration
...
* changes:
arm-io: Panic in case of io setup failure
MISRA fix: Use boolean essential type
fconf: Add documentation
fconf: Move platform io policies into fconf
fconf: Add mbedtls shared heap as property
fconf: Add TBBR disable_authentication property
fconf: Add dynamic config DTBs info as property
fconf: Populate properties from dtb during bl2 setup
fconf: Load config dtb from bl1
fconf: initial commit
Sandrine Bailleux
authored
on 11 Feb 2020
TrustedFirmware Code Review
committed
on 11 Feb 2020
|
2020-02-10 |
Merge "Make PAC demangling more generic" into integration
Mark Dykes
authored
on 10 Feb 2020
TrustedFirmware Code Review
committed
on 10 Feb 2020
|
2020-02-07 |
Make PAC demangling more generic
...
At the moment, address demangling is only used by the backtrace
functionality. However, at some point, other parts of the TF-A
codebase may want to use it.
The 'demangle_address' function is replaced with a single XPACI
instruction which is also added in 'do_crash_reporting()'.
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Change-Id: I4424dcd54d5bf0a5f9b2a0a84c4e565eec7329ec
Alexei Fedorov
committed
on 7 Feb 2020
|
fconf: Move platform io policies into fconf
...
Use the firmware configuration framework to store the io_policies
information inside the configuration device tree instead of the static
structure in the code base.
The io_policies required by BL1 can't be inside the dtb, as this one is
loaded by BL1, and only available at BL2.
This change currently only applies to FVP platform.
Change-Id: Ic9c1ac3931a4a136aa36f7f58f66d3764c1bfca1
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Louis Mayencourt
committed
on 7 Feb 2020
|
Merge "Adds option to read ROTPK from registers for FVP" into integration
Sandrine Bailleux
authored
on 7 Feb 2020
TrustedFirmware Code Review
committed
on 7 Feb 2020
|
2020-02-06 |
Adds option to read ROTPK from registers for FVP
...
Enables usage of ARM_ROTPK_LOCATION=regs for FVP board.
Removes hard-coded developer keys. Instead, setting
ARM_ROTPK_LOCATION=devel_* takes keys from default directory.
In case of ROT_KEY specified - generates a new hash and replaces the
original.
Note: Juno board was tested by original feature author and was not tested
for this patch since we don't have access to the private key. Juno
implementation was moved to board-specific file without changing
functionality. It is not known whether byte-swapping is still needed
for this platform.
Change-Id: I0fdbaca0415cdcd78f3a388551c2e478c01ed986
Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
Max Shvetsov
committed
on 6 Feb 2020
|
2020-02-03 |
doc: Remove backquotes from external hyperlinks
...
Since Sphinx 2.3.0 backquotes are replaced to \textasciigrave{} during
building latexpdf. Using this element in a \sphinxhref{} breaks the
build. In order to avoid this error backquotes must not be used in
external hyperlinks.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: Ie3cf454427e3d5a7b7f9829b42be45aebda7f0dd
Imre Kis
committed
on 3 Feb 2020
|
2020-01-30 |
Merge changes from topic "sb/select-cot" into integration
...
* changes:
Introduce COT build option
cert_create: Remove references to TBBR in common code
cert_create: Introduce COT build option
cert_create: Introduce TBBR CoT makefile
Sandrine Bailleux
authored
on 30 Jan 2020
TrustedFirmware Code Review
committed
on 30 Jan 2020
|
2020-01-29 |
Introduce COT build option
...
Allows to select the chain of trust to use when the Trusted Boot feature
is enabled. This affects both the cert_create tool and the firmware
itself.
Right now, the only available CoT is TBBR.
Change-Id: I7ab54e66508a1416cb3fcd3dfb0f055696763b3d
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Sandrine Bailleux
committed
on 29 Jan 2020
|
2020-01-28 |
Measured Boot: add function for hash calculation
...
This patch adds 'calc_hash' function using Mbed TLS library
required for Measured Boot support.
Change-Id: Ifc5aee0162d04db58ec6391e0726a526f29a52bb
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Alexei Fedorov
committed
on 28 Jan 2020
|