2020-09-24 |
Merge "plat/arm: Introduce and use libc_asm.mk makefile" into integration
Olivier Deprez
authored
on 24 Sep 2020
TrustedFirmware Code Review
committed
on 24 Sep 2020
|
2020-09-18 |
Merge changes from topic "ehf_common" into integration
...
* changes:
plat: tegra: Use generic ehf defines
ehf: use common priority level enumuration
Manish Pandey
authored
on 18 Sep 2020
TrustedFirmware Code Review
committed
on 18 Sep 2020
|
2020-09-15 |
lib: fconf: Implement a parser to populate CoT
...
Implemented a parser which populates the properties of
the CoT descriptors as per the binding document [1].
'COT_DESC_IN_DTB' build option is disabled by default and can
be enabled in future for all Arm platforms by making necessary
changes in the memory map.
Currently, this parser is tested only for FVP platform.
[1]:
https://trustedfirmware-a.readthedocs.io/en/latest/components/cot-binding.html
Change-Id: I2f911206087a1a2942aa728de151d2ac269d27cc
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Manish V Badarkhe
committed
on 15 Sep 2020
|
2020-09-02 |
plat/arm: Introduce and use libc_asm.mk makefile
...
Trace analysis of FVP_Base_AEMv8A 0.0/6063 model
running in Aarch32 mode with the build options
listed below:
TRUSTED_BOARD_BOOT=1 GENERATE_COT=1
ARM_ROTPK_LOCATION=devel_ecdsa KEY_ALG=ecdsa
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_ecdsa.pem
shows that when auth_signature() gets called
71.99% of CPU execution time is spent in memset() function
written in C using single byte write operations,
see lib\libc\memset.c.
This patch introduces new libc_asm.mk makefile which
replaces C memset() implementation with assembler
version giving the following results:
- for Aarch32 in auth_signature() call memset() CPU time
reduced to 20.56%.
The number of CPU instructions (Inst) executed during
TF-A boot stage before start of BL33 in RELEASE builds
for different versions is presented in the tables below,
where:
- C TF-A: existing TF-A C code;
- C musl: "lightweight code" C "implementation of the
standard library for Linux-based systems"
https://git.musl-libc.org/cgit/musl/tree/src/string/memset.c
- Asm Opt: assemler version from "Arm Optimized Routines"
project
https://github.com/ARM-software/optimized-routines/blob/
master/string/arm/memset.S
- Asm Linux: assembler version from Linux kernel
https://github.com/torvalds/linux/blob/master/arch/arm/lib/memset.S
- Asm TF-A: assembler version from this patch
Aarch32:
+-----------+------+------+--------------+----------+
| Variant | Set | Size | Inst | Ratio |
+-----------+------+------+--------------+----------+
| C TF-A | T32 | 16 | 2122110003 | 1.000000 |
| C musl | T32 | 156 | 1643917668 | 0.774662 |
| Asm Opt | T32 | 84 | 1604810003 | 0.756233 |
| Asm Linux | A32 | 168 | 1566255018 | 0.738065 |
| Asm TF-A | A32 | 160 | 1525865101 | 0.719032 |
+-----------+------+------+--------------+----------+
AArch64:
+-----------+------+------------+----------+
| Variant | Size | Inst | Ratio |
+-----------+------+------------+----------+
| C TF-A | 28 | 2732497518 | 1.000000 |
| C musl | 212 | 1802999999 | 0.659836 |
| Asm TF-A | 140 | 1680260003 | 0.614917 |
+-----------+------+------------+----------+
This patch modifies 'plat\arm\common\arm_common.mk'
by overriding libc.mk makefile with libc_asm.mk and
does not effect other platforms.
Change-Id: Ie89dd0b74ba1079420733a0d76b7366ad0157c2e
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Alexei Fedorov
committed
on 2 Sep 2020
|
2020-08-26 |
ehf: use common priority level enumuration
...
'EHF' is used by RAS, SDEI, SPM_MM common frameworks.
If platform needs to plug-in specific handlers then
'PLAT_EHF_DESC' can be used to populate platform specific
priority levels.
Signed-off-by: Sandeep Tripathy <sandeep.tripathy@broadcom.com>
Change-Id: I37af7e0e48111f87b6982604bf5c15db3e05755d
Sandeep Tripathy
committed
on 26 Aug 2020
|
2020-07-21 |
TF-A: Add Event Log for Measured Boot
...
This patch adds support for Event Log generation required
for Measured Boot functionality.
Change-Id: I34f05a33565e6659e78499d62cc6fb00b7d6c2dc
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Alexei Fedorov
committed
on 21 Jul 2020
|
2020-05-27 |
Fix the build error for dualroot chain of trust.
...
Fixed build error for dualroot chain of trust.
Build error were thrown as below while compiling the code for
dualroot chain of trust:
aarch64-none-elf-ld.bfd: ./build/fvp/debug/bl1/tbbr_cot_bl1.o:
(.bss.auth_img_flags+0x0): multiple definition of `auth_img_flags';
./build/fvp/debug/bl1/cot.o:(.bss.auth_img_flags+0x0): first defined here
aarch64-none-elf-ld.bfd: ./build/fvp/debug/bl1/tbbr_cot_bl1.o:
(.rodata.cot_desc_size+0x0): multiple definition of `cot_desc_size';
./build/fvp/debug/bl1/cot.o:(.rodata.cot_desc_size+0x0): first defined here
aarch64-none-elf-ld.bfd: ./build/fvp/debug/bl1/tbbr_cot_bl1.o:
(.rodata.cot_desc_ptr+0x0): multiple definition of `cot_desc_ptr';
./build/fvp/debug/bl1/cot.o:(.rodata.cot_desc_ptr+0x0): first defined here
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I1a426c4e7f5f8013d71dafc176c7467c1b329757
Manish V Badarkhe
authored
on 27 May 2020
Manish V Badarkhe
committed
on 27 May 2020
|
2020-05-19 |
Cleanup the code for TBBR CoT descriptors
...
CoT used for BL1 and BL2 are moved to tbbr_cot_bl1.c
and tbbr_cot_bl2.c respectively.
Common CoT used across BL1 and BL2 are moved to
tbbr_cot_common.c.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I2252ac8a6960b3431bcaafdb3ea4fb2d01b79cf5
Manish V Badarkhe
committed
on 19 May 2020
|
2020-05-15 |
plat/arm/fvp: Support performing SDEI platform setup in runtime
...
This patch introduces dynamic configuration for SDEI setup and is supported
when the new build flag SDEI_IN_FCONF is enabled. Instead of using C arrays
and processing the configuration at compile time, the config is moved to
dts files. It will be retrieved at runtime during SDEI init, using the fconf
layer.
Change-Id: If5c35a7517ba00a9f258d7f3e7c8c20cee169a31
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Co-authored-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Balint Dobszay
authored
on 18 Dec 2019
Madhukar Pappireddy
committed
on 15 May 2020
|
2020-03-24 |
Merge "fconf: Clean Arm IO" into integration
Mark Dykes
authored
on 24 Mar 2020
TrustedFirmware Code Review
committed
on 24 Mar 2020
|
2020-03-23 |
spmd: skip loading of secure partitions on pre-v8.4 platforms
...
When SPD=spmd and SPMD_SPM_AT_SEL2=0, that is SPMC sits at S-EL1
then there is no need for TF-A to load secure partitions individually.
In this configuration, SPMC handles secure partition loading at
S-EL1/EL0 levels.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I06a0d88a4811274a8c347ce57b56bb5f64e345df
Olivier Deprez
authored
on 19 Mar 2020
Manish Pandey
committed
on 23 Mar 2020
|
2020-03-16 |
fconf: Clean Arm IO
...
Merge the previously introduced arm_fconf_io_storage into arm_io_storage. This
removes the duplicate io_policies and functions definition.
This patch:
- replace arm_io_storage.c with the content of arm_fconf_io_storage.c
- rename the USE_FCONF_BASED_IO option into ARM_IO_IN_DTB.
- use the ARM_IO_IN_DTB option to compile out io_policies moved in dtb.
- propagate DEFINES when parsing dts.
- use ARM_IO_IN_DTB to include or not uuid nodes in fw_config dtb.
- set the ARM_IO_IN_DTB to 0 by default for fvp. This ensure that the behavior
of fvp stays the same as it was before the introduction of fconf.
Change-Id: Ia774a96d1d3a2bccad29f7ce2e2b4c21b26c080e
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Louis Mayencourt
committed
on 16 Mar 2020
|
2020-03-10 |
Merge changes from topic "sb/dualroot" into integration
...
* changes:
plat/arm: Pass cookie argument down to arm_get_rotpk_info()
plat/arm: Add support for dualroot CoT
plat/arm: Provide some PROTK files for development
Mark Dykes
authored
on 10 Mar 2020
TrustedFirmware Code Review
committed
on 10 Mar 2020
|
2020-03-03 |
fconf: Add Secure Partitions information as property
...
Use the firmware configuration framework to retrieve information about
Secure Partitions to facilitate loading them into memory.
To load a SP image we need UUID look-up into FIP and the load address
where it needs to be loaded in memory.
This patch introduces a SP populator function which gets UUID and load
address from firmware config device tree and updates its C data
structure.
Change-Id: I17faec41803df9a76712dcc8b67cadb1c9daf8cd
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Olivier Deprez
authored
on 23 Jan 2020
Manish Pandey
committed
on 3 Mar 2020
|
2020-02-24 |
plat/arm: Add support for dualroot CoT
...
- Use the development PROTPK if using the dualroot CoT.
Note that unlike the ROTPK, the PROTPK key hash file is not generated
from the key file, instead it has to be provided. This might be
enhanced in the future.
- Define a CoT build flag for the platform code to provide different
implementations where needed.
Change-Id: Iaaf25183b94e77a99a5d8d875831d90c102a97ea
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Sandrine Bailleux
committed
on 24 Feb 2020
|
2020-02-11 |
Merge changes from topic "lm/fconf" into integration
...
* changes:
arm-io: Panic in case of io setup failure
MISRA fix: Use boolean essential type
fconf: Add documentation
fconf: Move platform io policies into fconf
fconf: Add mbedtls shared heap as property
fconf: Add TBBR disable_authentication property
fconf: Add dynamic config DTBs info as property
fconf: Populate properties from dtb during bl2 setup
fconf: Load config dtb from bl1
fconf: initial commit
Sandrine Bailleux
authored
on 11 Feb 2020
TrustedFirmware Code Review
committed
on 11 Feb 2020
|
2020-02-10 |
SPMD: enable SPM dispatcher support
...
This patch adds support to the build system to include support for the SPM
dispatcher when the SPD configuration option is spmd.
Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Change-Id: Ic1ae50ecd7403fcbcf1d318abdbd6ebdc642f732
Achin Gupta
authored
on 11 Oct 2019
Max Shvetsov
committed
on 10 Feb 2020
|
2020-02-07 |
fconf: Move platform io policies into fconf
...
Use the firmware configuration framework to store the io_policies
information inside the configuration device tree instead of the static
structure in the code base.
The io_policies required by BL1 can't be inside the dtb, as this one is
loaded by BL1, and only available at BL2.
This change currently only applies to FVP platform.
Change-Id: Ic9c1ac3931a4a136aa36f7f58f66d3764c1bfca1
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Louis Mayencourt
committed
on 7 Feb 2020
|
fconf: Add TBBR disable_authentication property
...
Use fconf to retrieve the `disable_authentication` property.
Move this access from arm dynamic configuration to bl common.
Change-Id: Ibf184a5c6245d04839222f5457cf5e651f252b86
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Louis Mayencourt
committed
on 7 Feb 2020
|
fconf: initial commit
...
Introduce the Firmware CONfiguration Framework (fconf).
The fconf is an abstraction layer for platform specific data, allowing
a "property" to be queried and a value retrieved without the requesting
entity knowing what backing store is being used to hold the data.
The default backing store used is C structure. If another backing store
has to be used, the platform integrator needs to provide a "populate()"
function to fill the corresponding C structure.
The "populate()" function must be registered to the fconf framework with
the "FCONF_REGISTER_POPULATOR()". This ensures that the function would
be called inside the "fconf_populate()" function.
A two level macro is used as getter:
- the first macro takes 3 parameters and converts it to a function
call: FCONF_GET_PROPERTY(a,b,c) -> a__b_getter(c).
- the second level defines a__b_getter(c) to the matching C structure,
variable, array, function, etc..
Ex: Get a Chain of trust property:
1) FCONF_GET_PROPERY(tbbr, cot, BL2_id) -> tbbr__cot_getter(BL2_id)
2) tbbr__cot_getter(BL2_id) -> cot_desc_ptr[BL2_id]
Change-Id: Id394001353ed295bc680c3f543af0cf8da549469
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Louis Mayencourt
committed
on 7 Feb 2020
|
2020-02-04 |
Merge changes from topic "mp/separate_nobits" into integration
...
* changes:
plat/arm: Add support for SEPARATE_NOBITS_REGION
Changes necessary to support SEPARATE_NOBITS_REGION feature
Sandrine Bailleux
authored
on 4 Feb 2020
TrustedFirmware Code Review
committed
on 4 Feb 2020
|
2020-01-29 |
Introduce COT build option
...
Allows to select the chain of trust to use when the Trusted Boot feature
is enabled. This affects both the cert_create tool and the firmware
itself.
Right now, the only available CoT is TBBR.
Change-Id: I7ab54e66508a1416cb3fcd3dfb0f055696763b3d
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Sandrine Bailleux
committed
on 29 Jan 2020
|
2020-01-27 |
plat/arm: Add support for SEPARATE_NOBITS_REGION
...
In order to support SEPARATE_NOBITS_REGION for Arm platforms, we need to load
BL31 PROGBITS into secure DRAM space and BL31 NOBITS into SRAM. Hence mandate
the build to require that ARM_BL31_IN_DRAM is enabled as well.
Naturally with SEPARATE_NOBITS_REGION enabled, the BL31 initialization code
cannot be reclaimed to be used for runtime data such as secondary cpu stacks.
Memory map for BL31 NOBITS region also has to be created.
Change-Id: Ibbc8c9499a32e63fd0957a6e254608fbf6fa90c9
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Madhukar Pappireddy
committed
on 27 Jan 2020
|
2020-01-23 |
Revert "plat/arm: Add support for SEPARATE_NOBITS_REGION"
...
This reverts commit d433bbd .
Change-Id: I46c69dce704a1ce1b50452dd4d62425c4a67f7f0
Mark Dykes
committed
on 23 Jan 2020
|
2020-01-21 |
plat/arm: Add support for SEPARATE_NOBITS_REGION
...
In order to support SEPARATE_NOBITS_REGION for Arm platforms, we need to load
BL31 PROGBITS into secure DRAM space and BL31 NOBITS into SRAM. Hence mandate
the build to require that ARM_BL31_IN_DRAM is enabled as well.
Naturally with SEPARATE_NOBITS_REGION enabled, the BL31 initialization code
cannot be reclaimed to be used for runtime data such as secondary cpu stacks.
Memory map for BL31 NOBITS region also has to be created.
Change-Id: Ibd480f82c1dc74e9cbb54eec07d7a8fecbf25433
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Madhukar Pappireddy
committed
on 21 Jan 2020
|
2019-12-20 |
spm: Remove SPM Alpha 1 prototype and support files
...
The Secure Partition Manager (SPM) prototype implementation is
being removed. This is preparatory work for putting in place a
dispatcher component that, in turn, enables partition managers
at S-EL2 / S-EL1.
This patch removes:
- The core service files (std_svc/spm)
- The Resource Descriptor headers (include/services)
- SPRT protocol support and service definitions
- SPCI protocol support and service definitions
Change-Id: Iaade6f6422eaf9a71187b1e2a4dffd7fb8766426
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Paul Beesley
authored
on 14 Oct 2019
Manish Pandey
committed
on 20 Dec 2019
|
Remove dependency between SPM_MM and ENABLE_SPM build flags
...
There are two different implementations of Secure Partition
management in TF-A. One is based on the "Management Mode" (MM)
design, the other is based on the Secure Partition Client Interface
(SPCI) specification. Currently there is a dependency between their
build flags that shouldn't exist, making further development
harder than it should be. This patch removes that
dependency, making the two flags function independently.
Before: ENABLE_SPM=1 is required for using either implementation.
By default, the SPCI-based implementation is enabled and
this is overridden if SPM_MM=1.
After: ENABLE_SPM=1 enables the SPCI-based implementation.
SPM_MM=1 enables the MM-based implementation.
The two build flags are mutually exclusive.
Note that the name of the ENABLE_SPM flag remains a bit
ambiguous - this will be improved in a subsequent patch. For this
patch the intention was to leave the name as-is so that it is
easier to track the changes that were made.
Change-Id: I8e64ee545d811c7000f27e8dc8ebb977d670608a
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Paul Beesley
authored
on 16 Sep 2019
Manish Pandey
committed
on 20 Dec 2019
|
2019-12-17 |
pmf: Make the runtime instrumentation work on AArch32
...
Ported the pmf asm macros and the asm code in the bl31 entrypoint
necessary for the instrumentation to AArch32.
Since smc dispatch is handled by the bl32 payload on AArch32, we
provide this service only if AARCH32_SP=sp_min is set.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Change-Id: Id33b7e9762ae86a4f4b40d7f1b37a90e5130c8ac
Bence Szépkúti
committed
on 17 Dec 2019
|
SiP: Don't validate entrypoint if state switch is impossible
...
Switching execution states is only possible if EL3 is AArch64.
As such there is no need to validate the entrypoint on AArch32 builds.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Change-Id: I3c1eb25b5df296a492870641d274bf65213c6608
Bence Szépkúti
committed
on 17 Dec 2019
|
2019-11-07 |
plat/arm: Re-enable PIE when RESET_TO_BL31=1
...
Earlier PIE support was enabled for all arm platforms when
RESET_TO_BL31=1, but later on it was restricted only to FVP with patch
SHA d4580d17 because of n1sdp platform.
Now it has been verified that PIE does work for n1sdp platform also, so
enabling it again for all arm platforms.
Change-Id: I05ad4f1775ef72e7cb578ec9245cde3fbce971a5
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Manish Pandey
committed
on 7 Nov 2019
|