2019-05-24 |
Add support for Branch Target Identification
...
This patch adds the functionality needed for platforms to provide
Branch Target Identification (BTI) extension, introduced to AArch64
in Armv8.5-A by adding BTI instruction used to mark valid targets
for indirect branches. The patch sets new GP bit [50] to the stage 1
Translation Table Block and Page entries to denote guarded EL3 code
pages which will cause processor to trap instructions in protected
pages trying to perform an indirect branch to any instruction other
than BTI.
BTI feature is selected by BRANCH_PROTECTION option which supersedes
the previous ENABLE_PAUTH used for Armv8.3-A Pointer Authentication
and is disabled by default. Enabling BTI requires compiler support
and was tested with GCC versions 9.0.0, 9.0.1 and 10.0.0.
The assembly macros and helpers are modified to accommodate the BTI
instruction.
This is an experimental feature.
Note. The previous ENABLE_PAUTH build option to enable PAuth in EL3
is now made as an internal flag and BRANCH_PROTECTION flag should be
used instead to enable Pointer Authentication.
Note. USE_LIBROM=1 option is currently not supported.
Change-Id: Ifaf4438609b16647dc79468b70cd1f47a623362e
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Alexei Fedorov
committed
on 24 May 2019
|
2019-05-16 |
Merge changes from topic "sami/550_fix_n1sdp_issues_v1" into integration
...
* changes:
N1SDP: Initialise CNTFRQ in Non Secure CNTBaseN
N1SDP: Fix DRAM2 start address
Add option for defining platform DRAM2 base
Disable speculative loads only if SSBS is supported
Soby Mathew
authored
on 16 May 2019
TrustedFirmware Code Review
committed
on 16 May 2019
|
2019-05-15 |
Add option for defining platform DRAM2 base
...
The default DRAM2 base address for Arm platforms
is 0x880000000. However, on some platforms the
firmware may want to move the start address to
a different value.
To support this introduce PLAT_ARM_DRAM2_BASE that
defaults to 0x880000000; but can be overridden by
a platform (e.g. in platform_def.h).
Change-Id: I0d81195e06070bc98f376444b48ada2db1666e28
Signed-off-by: Sami Mujawar <sami.mujawar@arm.com>
Sami Mujawar
committed
on 15 May 2019
|
2019-05-10 |
SMMUv3: Abort DMA transactions
...
For security DMA should be blocked at the SMMU by default
unless explicitly enabled for a device. SMMU is disabled
after reset with all streams bypassing the SMMU, and
abortion of all incoming transactions implements a default
deny policy on reset.
This patch also moves "bl1_platform_setup()" function from
arm_bl1_setup.c to FVP platforms' fvp_bl1_setup.c and
fvp_ve_bl1_setup.c files.
Change-Id: Ie0ffedc10219b1b884eb8af625bd4b6753749b1a
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Alexei Fedorov
committed
on 10 May 2019
|
2019-05-07 |
Merge changes from topic "sm/fix_a76_errata" into integration
...
* changes:
Workaround for cortex-A76 errata 1286807
Cortex-A76: workarounds for errata 1257314, 1262606, 1262888, 1275112
Soby Mathew
authored
on 7 May 2019
TrustedFirmware Code Review
committed
on 7 May 2019
|
Workaround for cortex-A76 errata 1286807
...
The workaround for Cortex-A76 errata #1286807 is implemented
in this patch.
Change-Id: I6c15af962ac99ce223e009f6d299cefb41043bed
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Soby Mathew
committed
on 7 May 2019
|
Cortex-A76: workarounds for errata 1257314, 1262606, 1262888, 1275112
...
The workarounds for errata 1257314, 1262606, 1262888 and 1275112 are
added to the Cortex-A76 cpu specific file. The workarounds are disabled
by default and have to be explicitly enabled by the platform integrator.
Change-Id: I70474927374cb67725f829d159ddde9ac4edc343
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Soby Mathew
committed
on 7 May 2019
|
2019-05-03 |
SMMUv3: refactor the driver code
...
This patch is a preparation for the subsequent changes in
SMMUv3 driver. It introduces a new "smmuv3_poll" function
and replaces inline functions for accessing SMMU registers
with mmio read/write operations. Also the infinite loop
for the poll has been replaced with a counter based timeout.
Change-Id: I7a0547beb1509601f253e126b1a7a6ab3b0307e7
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Alexei Fedorov
authored
on 26 Apr 2019
Soby Mathew
committed
on 3 May 2019
|
2019-04-25 |
sp_min: make sp_min_warm_entrypoint public
...
Similar to bl31_warm_entrypoint, sp_min-based platforms may need
that for special resume handling.
Therefore move it from the private header to the sp_min platform header.
Signed-off-by: Heiko Stuebner <heiko@sntech.de>
Change-Id: I40d9eb3ff77cff88d47c1ff51d53d9b2512cbd3e
Heiko Stuebner
committed
on 25 Apr 2019
|
2019-04-23 |
Merge "Neoverse N1: Forces cacheable atomic to near" into integration
Antonio Niño Díaz
authored
on 23 Apr 2019
TrustedFirmware Code Review
committed
on 23 Apr 2019
|
Merge changes from topic "aa-sbsa-watchdog" into integration
...
* changes:
plat/arm: introduce wrapper functions to setup secure watchdog
drivers/sbsa: add sbsa watchdog driver
Antonio Niño Díaz
authored
on 23 Apr 2019
TrustedFirmware Code Review
committed
on 23 Apr 2019
|
2019-04-18 |
Neoverse N1: Forces cacheable atomic to near
...
This patch forces all cacheable atomic instructions to be near, which
improves performance in highly contended parallelized use-cases.
Change-Id: I93fac62847f4af8d5eaaf3b52318c30893e947d3
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Louis Mayencourt
committed
on 18 Apr 2019
|
2019-04-17 |
plat/arm: introduce wrapper functions to setup secure watchdog
...
The BL1 stage setup code for ARM platforms sets up the SP805 watchdog
controller as the secure watchdog. But not all ARM platforms use SP805
as the secure watchdog controller.
So introduce two new ARM platform code specific wrapper functions to
start and stop the secure watchdog. These functions then replace the
calls to SP805 driver in common BL1 setup code. All the ARM platforms
implement these wrapper functions by either calling into SP805 driver
or the SBSA watchdog driver.
Change-Id: I1a9a11b124cf3fac2a84f22ca40acd440a441257
Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
Aditya Angadi
committed
on 17 Apr 2019
|
drivers/sbsa: add sbsa watchdog driver
...
Add a driver for configuring the SBSA Generic Watchdog which aids in
the detection of errant system behaviour.
Change-Id: I5a1e7149c69fd8b85be7dfbcf511f431339946f4
Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
Aditya Angadi
committed
on 17 Apr 2019
|
DSU: Implement workaround for errata 798953
...
Under certain near idle conditions, DSU may miss response transfers on
the ACE master or Peripheral port, leading to deadlock. This workaround
disables high-level clock gating of the DSU to prevent this.
Change-Id: I820911d61570bacb38dd325b3519bc8d12caa14b
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Louis Mayencourt
committed
on 17 Apr 2019
|
DSU: Small fix and reformat on errata framework
...
Change-Id: I50708f6ccc33059fbfe6d36fd66351f0b894311f
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Louis Mayencourt
committed
on 17 Apr 2019
|
Cortex-A35: Implement workaround for errata 855472
...
Under specific conditions, the processor might issue an eviction and an
L2 cache clean operation to the interconnect in the wrong order. Set
the CPUACTLR.ENDCCASCI bit to 1 to avoid this.
Change-Id: Ide7393adeae04581fa70eb9173b742049fc3e050
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Louis Mayencourt
committed
on 17 Apr 2019
|
2019-04-12 |
Mbed TLS: Remove weak heap implementation
...
The implementation of the heap function plat_get_mbedtls_heap() becomes
mandatory for platforms supporting TRUSTED_BOARD_BOOT.
The shared Mbed TLS heap default weak function implementation is
converted to a helper function get_mbedtls_heap_helper() which can be
used by the platforms for their own function implementation.
Change-Id: Ic8f2994e25e3d9fcd371a21ac459fdcafe07433e
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
Ambroise Vincent
committed
on 12 Apr 2019
|
2019-04-09 |
Merge "aarch32: Allow compiling with soft-float toolchain" into integration
Antonio Niño Díaz
authored
on 9 Apr 2019
TrustedFirmware Code Review
committed
on 9 Apr 2019
|
Merge "cpus: Fix Cortex-A12 MIDR mask" into integration
Antonio Niño Díaz
authored
on 9 Apr 2019
TrustedFirmware Code Review
committed
on 9 Apr 2019
|
Merge "Add support for Cortex-A76AE CPU" into integration
Antonio Niño Díaz
authored
on 9 Apr 2019
TrustedFirmware Code Review
committed
on 9 Apr 2019
|
2019-04-08 |
Add support for Cortex-A76AE CPU
...
Change-Id: I0a81f4ea94d41245cd5150de341b51fc70babffe
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Alexei Fedorov
committed
on 8 Apr 2019
|
cot-desc: optimise memory further
...
This changes the auth_img_desc_t struct to have pointers to struct
arrays instead of struct arrays. This saves memory as many of these
were never used, and can be NULL pointers. Note the memory savings are
only when these arrays are not initialised, as it is assumed these
arrays are fixed length. A possible future optimisation could allow for
variable length.
memory diff:
bl1: bl2:
text text
-12 -12
bss bss
-1463 0
data data
-56 -48
rodata rodata
-5688 -2592
total total
-7419 -2652
Change-Id: I8f9bdedf75048b8867f40c56381e3a6dc6402bcc
Signed-off-by: Joel Hutton <Joel.Hutton@Arm.com>
Joel Hutton
committed
on 8 Apr 2019
|
Reduce memory needed for CoT description
...
When Trusted Board Boot is enabled, we need to specify the Chain of
Trust (CoT) of the BL1 and BL2 images. A CoT consists of an array
of image descriptors. The authentication module assumes that each
image descriptor in this array is indexed by its unique image
identifier. For example, the Trusted Boot Firmware Certificate has to
be at index [TRUSTED_BOOT_FW_CERT_ID].
Unique image identifiers may not necessarily be consecutive. Also,
a given BL image might not use all image descriptors. For example, BL1
does not need any of the descriptors related to BL31. As a result, the
CoT array might contain holes, which unnecessarily takes up space in
the BL binary.
Using pointers to auth_img_desc_t structs (rather than structs
themselves) means these unused elements only use 1 pointer worth of
space, rather than one struct worth of space. This patch also changes
the code which accesses this array to reflect the change to pointers.
Image descriptors not needed in BL1 or BL2 respectively are also
ifdef'd out in this patch. For example, verifying the BL31 image is
the responsibility of BL2 so BL1 does not need any of the data
structures describing BL31.
memory diff:
bl1: bl2:
text text
-20 -20
bss bss
-1463 0
data data
-256 -48
rodata rodata
-5240 -1952
total total
-6979 -2020
Change-Id: I163668b174dc2b9bbb183acec817f2126864aaad
Signed-off-by: Joel Hutton <Joel.Hutton@Arm.com>
Joel Hutton
committed
on 8 Apr 2019
|
cpus: Fix Cortex-A12 MIDR mask
...
The Cortex-A12's primary part number is 0xC0D not 0xC0C, so
fix that to make the A12's cpu operations findable.
Change-Id: I4440a039cd57a2fe425fd8a8ec5499ca8e895e31
Signed-off-by: Heiko Stuebner <heiko@sntech.de>
Heiko Stuebner
committed
on 8 Apr 2019
|
2019-04-05 |
aarch32: Allow compiling with soft-float toolchain
...
ARMv7 and Cortex-A32(ARMv8/aarch32) uses "arm-linux-gnueabi" toolchain which
has both soft-float and hard-float variants and so there could be scenarios
where soft-float toolchain is used.Even though TF-A documentation recommends
to use hard-float toolchain for aarch32 but there are external projects where
we cannot mandate the selection of toolchain and for those projects at least
the build should not fail.
Current TF-A source fails to build with soft-float toolchain because assembler
does not recognizes "vmsr" instruction which is required to enable floating
point unit.
To avoid this piece of code being compiled with soft-float toolchain add
predefined macro guard " __SOFTFP__" exposed by soft-float toolchain.
Change-Id: I76ba40906a8d622dcd476dd36ab4d277a925996c
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Manish Pandey
committed
on 5 Apr 2019
|
2019-04-03 |
Remove deprecated interfaces
...
Change-Id: I14fcabbdfd53153d1d5f187f6f8b23a045794408
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
Ambroise Vincent
committed
on 3 Apr 2019
|
tzc: remove deprecated types
...
Types tzc_action_t and tzc_region_attributes_t are deprecated.
Change-Id: Ieefeb8521a0e1130f39d09b5c0d2728f05084773
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
Ambroise Vincent
committed
on 3 Apr 2019
|
Console: remove deprecated finish_console_register
...
The old version of the macro is deprecated.
Commit cc5859ca19ff ("Multi-console: Deprecate the
`finish_console_register` macro") provides more details.
Change-Id: I3d1cdf6496db7d8e6cfbb5804f508ff46ae7e67e
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
Ambroise Vincent
committed
on 3 Apr 2019
|
Merge pull request #1916 from antonio-nino-diaz-arm/an/spm-xlat
...
SPM: Some improvements to xlat handling code
Antonio Niño Díaz
authored
on 3 Apr 2019
GitHub
committed
on 3 Apr 2019
|