The generic interrupt controller identifies an interrupt based on its
type whereas the GIC uses the notion of groups to identify an
interrupt.
Currently, they are used interchangeably in GICv3 driver. It did not
cause any functional issues since the matching type and group had the
same value for corresponding macros. This patch makes the necessary
fixes.
The generic interrupt controller APIs, such as
plat_ic_set_interrupt_type map interrupt type to interrupt group
supported by the GICv3 IP. Similarly, other generic interrupt
controller APIs map interrupt group to interrupt type as needed.
This patch also changes the name of the helper functions to use group
rather than type for handling interrupts.
Change-Id: Ie2d88a3260c71e4ab9c8baacde24cc21e551de3d
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
The generic interrupt controller identifies an interrupt based on its
type whereas the GIC uses the notion of groups to identify an
interrupt.
This patch changes the name of the helper functions to use group
rather than type for handling interrupts. No functional change in this
patch.
Change-Id: If13ec65cc6c87c2da73a3d54b033f02635ff924a
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Add transfer list APIs and firmware handoff build option.
Change-Id: I68a0ace22c7e50fcdacd101eb76b271d7b76d8ff
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Neoverse V2 erratum 2743011 is a Cat B erratum that applies to
all revisions <= r0p1 and is fixed in r0p2. The workaround is to
set CPUACTLR5_EL1[56:55] to 2'b01.
SDEN documentation:
https://developer.arm.com/documentation/SDEN2332927/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I0e06ca723a1cce51fb027b7160f3dd06a4c93e64
Neoverse V2 erratum 2779510 is a Cat B erratum that applies to
all revisions <= r0p1 and is fixed in r0p2. The workaround is to
set bit[47] of CPUACTLR3_EL1 which might have a small impact on
power and negligible impact on performance.
SDEN documentation:
https://developer.arm.com/documentation/SDEN2332927/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I6d937747bdcbf2913a64c4037f99918cbc466e80
Neoverse V2 erratum 2719105 is a Cat B erratum that applies to all
revisions <= r0p1 and is fixed in r0p2.
The erratum is avoided by setting CPUACTLR2_EL1[0] to 1 to force
PLDW/PFRM ST to behave like PLD/PRFM LD and not cause invalidations
to other PE caches. There might be a small performance degradation
to this workaround for certain workloads that share data.
SDEN documentation:
https://developer.arm.com/documentation/SDEN2332927/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: Id026edcb7ee1ca93371ce0001d18f5a8282c49ba
Neoverse V2 erratum 2331132 is a Cat B erratum that applies to all
revisions <= r0p2 and is still open. The workaround is to write the
value 4'b1001 to the PF_MODE bits in the IMP_CPUECTLR2_EL1 register
which will place the data prefetcher in the most conservative mode
instead of disabling it.
SDEN documentation:
https://developer.arm.com/documentation/SDEN2332927/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: Ic6c76375df465a4ad2e20dd7add7037477d973c1
Express memory size with size_t type in structures.
Retrieve value as uint32_t from device tree and then cast it to size_t.
Combined with uintptr_t use, it ensures a generic algorithm whatever
the platform architecture, notably within systematic tests. Adapt also
their prototypes.
Move memory size print outside stm32mp_ddr_check_size() to adapt it to
related platform.
Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@st.com>
Change-Id: Ic6e1a62d7a5e23cef49909a658098c800e7dae3f
Bit1 in the CLUSTERPWRDN register is used to indicate on CLUSTERPACTIVE
that memory retention is required or not. It can be used for
L3 cache memory retention support.
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: I1c53c90ae3dfbed3be7e5b2b79f2c3565db81012
BL31 image has grown with feature addition over time. In particular the
RESET_TO_BL2 + ENABLE_PIE + DEBUG combination of options lead to BL31
image overlap head of BL2 image. In this configuration BL2 is meant to
stay resident as PE reset occurs from BL2. Apply changes similar to [1]
such that BL2 start address is pushed forward and leaves more room for
BL31 end of image.
[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/15486/9/include/plat/arm/common/arm_def.h#530
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I027e23780fb77ca9fe81aa47231da649c7a030ee
Add a header file listing the registers of Reset and Clock Control
peripheral.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Icc90132d5782eba7e343868b932a399c1d47c18a
Add the associated bindings for device tree and drivers.
Change-Id: I6847df691d4b00f48d2d87a33fbf4ccd62ae5dcf
Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
When ENABLE_RUNTIME_INSTRUMENTATION flag is set timestamps are captured
and output to the fvp console at various boot stages using the PMF
library (which are based on aarch timers).
Timestamps are captured at entry and exit points for Bl1, Bl2
and, Bl3 respectively.
Change-Id: I7c0c502e5dbf73d711700b2fe0085ca3eb9346d2
Signed-off-by: Thaddeus Serna <Thaddeus.Gonzalez-Serna@arm.com>
Cortex-X3 erratum 2742421 is a Cat B erratum that applies to
all revisions <= r1p1 and is fixed in r1p2. The workaround is to
set CPUACTLR5_EL1[56:55] to 2'b01.
SDEN documentation:
https://developer.arm.com/documentation/2055130/latest
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Change-Id: Idadd323e419739fe909b9b68ea2dbe857846666b
To allow the SPD to access the Event Log on RME systems with
TrustZone Controller, the Event Log region needs to be configured
into the TZC. This change will enable read-write access of this
region from the secure world, which is currently denied.
Change-Id: I0c32977386f3d7c22f310b2b9404d48e8e6cac29
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
The implementation of code changes manages the transmit FIFO (TxFIFO)
in the UART driver. The added code snippet includes a sequence of
instructions that ensures efficient handling of data transmission
and synchronization with the host software.
The code first checks the TxFIFO empty flag to determine whether
there is data available for transmission. If the TxFIFO is not empty,
the code waits until it becomes empty, ensuring that the transmit
operation is synchronized with the availability of data.
Subsequently, the code monitors the transmit operation's activity
status. It waits until the transmit operation becomes inactive,
indicating the completion of the previous transmission.
This synchronization step ensures that new data can be added to the
TxFIFO without causing any loss of transmission time.
Update console_flush() function, the function waits for the
Transmitter FIFO to empty and checks the transmitter's active state.
If the transmitter is in an active state, it means it is currently
shifting out a character.
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: I9d6c05bdfb9270924b40bf1f6ecb5fe541a2242e
Adding basic CPU library code to support Nevis CPU
Change-Id: I399cc9b7b2d907b02b76ea2a3e5abb54e28fbf6c
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
The original powerdown function for Gelas included SME disabling
instructions but did not check for the presence of SME before disabling.
This could lead to unexpected beaviors. This patch adds that check so
the feature is disabled only if it is present.
Change-Id: I582db53a6669317620e4f72a3eac87525897d3d0
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Pass "start_idx" to plat_scmi_clock_rates_array.
This parameter is required to obtain the rate table
a second time.
Signed-off-by: XiaoDong Huang <derrick.huang@rock-chips.com>
Change-Id: I97c6751e7d34c839ced8f22bddc39fb534978cc4
MTE and common system registers are the last remaining EL2 save/restores
in assembly. Convert them to C, like all the others.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: If690f792e70b97fd4b4cd5f43847a71719b128f1
At the moment we have some elaborate, but very schematic functions to
allow checking for CPU feature enablement. Adding some more becomes
tedious and is also error-prone.
Provide two wrapper macros that reduce most of the features to a
single line:
- CREATE_FEATURE_FUNCS(name, idreg, idfield, guard)
creates two functions read_<name>_id_field() and is_<name>_supported(),
that check the 4-bit CPU ID field starting at bit <idfield> in <idreg>
for being not 0, and compares it against the build time <guard> symbol.
For the usual feature (like PAN) this looks like:
CREATE_FEATURE_FUNCS(feat_pan, id_aa64mmfr1_el1,
ID_AA64MMFR1_EL1_PAN_SHIFT, ENABLE_FEAT_PAN)
- CREATE_FEATURE_FUNCS_VER(name, read_func, idvalue, guard)
creates one function to check for a certain CPU ID field *value*, so
when "!= 0" is not sufficient. It's meant to be used in addition to
the above macro, since that generates the CPU ID field accessor
function:
CREATE_FEATURE_FUNCS(feat_amu, id_aa64pfr0_el1, ID_AA64PFR0_AMU_SHIFT,
ENABLE_FEAT_AMU)
CREATE_FEATURE_FUNCS_VER(feat_amuv1p1, read_feat_amu_id_field,
ID_AA64PFR0_AMU_V1P1, ENABLE_FEAT_AMUv1p1)
Describe the existing feature accessor functions using those new macros,
to reduce the size of the file, improve readability and decrease the
possibility of (copy&paste) bugs.
Change-Id: Ib136a875b4857058ff561c4635ace344006f29bf
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Changes have been made in NPU firmware version 13 around error handling
which require some different register values to be set in AUXCTLR and
SYSCTRL1.
SiP service version number has been bumped up to 15 to reflect these
changes.
Change-Id: I6cda0048dc75df2150f7a0fe25f12ba6bf119ced
Signed-off-by: Rob Hughes <robert.hughes@arm.com>
This patch adds a basic el3 spmd logical partition to the fvp platform
via a platform specific smc handler. One of the use cases for el3
logical partitions is to have the ability to translate sip calls into
ff-a direct requests via the use of spmd logical partitions. The smc
handler creates a direct request based on the incoming smc parameters
and forwards the call as a direct request from the spmd logical
partition to the target secure partition.
Change-Id: If8ba9aab8203924bd00fc1dcdf9cd05a9a04a147
This patch enables FF-A secure partitions and the SPMC to query EL3 SPMD
logical partitions that are present in the system via partition get info
regs abi. Note that normal world will not be able to see EL3 SPMD
logical partitions as per the spec.
Signed-off-by: Raghu Krishnamurthy <raghu.ncstate@gmail.com>
Change-Id: I3fca8aed8ae156a559a74521803324c13ae3d55a
This patch adds support for an EL3 SPMD logical partition to discover
secure partitions using the FFA_PARTITION_INFO_GET_REGS abi. It also
adds helper functions for a logical partition to use the information
returned in registers in a meaningful way.
Signed-off-by: Raghu Krishnamurthy <raghu.ncstate@gmail.com>
Change-Id: Id69488e7367e17e2dfa6c8e332be3c8d41f6c773
Move ffa_partition_info_get definitions from EL3 SPMC private header
files to common header files. The structures are common to FF-A and are
useful for the EL3 SPMD logical partitions.
Signed-off-by: Raghu Krishnamurthy <raghu.ncstate@gmail.com>
Change-Id: I19de3f6cb3351afa873022da1397a475a84e3d8b
This patch implements an API that is exposed to SPMD logical partitions
that can be used to send direct messages to a secure partition.
It also adds required code in the SPMD smc handler to complete the
direct response appropriately.
Change-Id: I2d0e38415f13ad4fd28f8984d565036b7d3a9e71
Signed-off-by: Raghu Krishnamurthy <raghu.ncstate@gmail.com>
This patch adds the necessary CPU library code to support the Gelas CPU
Change-Id: I13ec4a8bb7055c1ebd0796a4a1378983d930fcb3
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Align entire TF-A to use Arm in copyright header.
Change-Id: Ief9992169efdab61d0da6bd8c5180de7a4bc2244
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
For runtime errata, we should avoid generating calls to
`cpu_get_rev_var` unless its necessary. Make the path that generates
this call parameterized, and cache the result in a temporary register to
allow future calls that go down the alternate path to retrieve the cache
CPU revision.
Change-Id: I9882ede76568fbd9a7ccd4caa74eff0c66a7b20e
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
The build flags to enable the Arm(R) Ethos(TM)-N NPU driver are in arm
platform specific make files i.e. plat/arm/common/arm_common.mk. These
flags are renamed and moved to ethosn_npu.mk. Other source and make
files are changed to reflect the changes in these flags.
Signed-off-by: Rajasekaran Kalidoss <rajasekaran.kalidoss@arm.com>
Change-Id: I6fd20225343c574cb5ac1f0f32ff2fc28ef37ea6
Neoverse N2 erratum 2779511 is a Cat B erratum that applies to
all revisions <=r0p2 and is fixed in r0p3. The workaround is to
set bit[47] of CPUACTLR3_EL1
SDEN documentation:
https://developer.arm.com/documentation/SDEN1982442/latest
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: Iaa0e30de8473ecb1df1fcca3a45904aac2e419b3
Neoverse N2 erratum 2743014 is a Cat B erratum that applies to
all revisions <=r0p2 and is fixed in r0p3. The workaround is to
set CPUACTLR5_EL1[56:55] to 2'b01.
SDEN documentation:
https://developer.arm.com/documentation/SDEN1982442/latest
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: Ie7e1be5dea9d1f74738f9fed0fb58bfd41763192
Testing:
- Manual comparison of disassembly with and without conversion.
- Using the test script in gerrit - 19136
- Building with errata and stepping through from ArmDS and running tftf.
Change-Id: I126f09de44b16e8bbb7e32477b880b4650eef23b
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Add header file to help with creation of SPMD logical partitions. Also
update linker files to create sections to record SPMD logical partitions
declared. This follows the same pattern as the EL3 SPMC's logical
partitions. This patch also adds initialization of SPMD logical
partitions when the SPMD comes up.
ENABLE_SPMD_LP is a build flag that is used to enable support for
SPMD logical partitions.
Note that the approach chosen is to keep SPMD and SPMC logical
partition support separate, as opposed to extend the existing SPMC
logical partition support since the code would need to have a number of
ifdefs and the interactions with various build options such as
SPMC_AT_EL3 needs to be accounted for, which would make code more
complicated.
Signed-off-by: Raghu Krishnamurthy <raghu.ncstate@gmail.com>
Change-Id: I9642ddbf6ea26dd3f4a283baec598d61c07e3661
HFG*_EL2 registers control the fine-grained traps introduced by
FEAT_FGT. These traps come enabled by default so old systems unaware
of this feature can be trapped to EL3, not being able to handle the
trap correctly. This patch disables all fine-grained traps by default
to prevent such unexpected behavior.
Change-Id: If2ae97accbeed2bea51ae03b5225ce762ecffb25
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
To handle the core corrected errors in the firmware, the FHI PPI
interrupt has to be enabled on all the cores. At boot, when the RAS
framework is initialized, only primary core is up and hence core FHI PPI
interrupt is enabled only on primary core. This patch adds support to
configure and enable core FHI interrupt for all the secondary cores as
part of their boot sequence.
Signed-off-by: Omkar Anand Kulkarni <omkar.kulkarni@arm.com>
Change-Id: I4b25152cb498fe975b9c770babb25aa9e01f9656
Key-OIDs that authenticate BL31, BL31(SOC)-FW config, and HW config
images have been explicitly entered.
Implementations of signer-ID consume these entries.
Change-Id: I24c9085ed5f266af06d40fb73302e35d857a9d5b
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Calculate a hash of the public key and put that into the signer-ID
field of the relevant RSS metadata. The signer-ID metadata is mandatory
in the Arm CCA attestation scheme.
Change-Id: Ic846d8bf882cfea8581d3523a3461c919462df30
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Created an explicit zero-OID which can be used for Subject
Public Key that do not have their own key identifier.
With this, all keys (including the subject public key) have
a proper key OID string so we don't need to make a special
case of null pointers when it comes to handling key OIDs.
Change-Id: Ice6923951699b6e253d7fd87e4c1b912470e0391
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Adding an helper macro for bit field insert(bic) instruction
to group all the operations related to it.
Change-Id: Idfd06c7f38faf52090f62b458d2d96c2682f63fe
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Added a platform function to measure and publish Public Key information.
Subsequent patches define this function for the FVP and TC platforms to
measure Public Key and publishes it to RSS if MEASURED_BOOT is
enabled.
Change-Id: I1f61f44c7a83bb4cbafbd1af97b5adeb8398e8e8
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
These bits (MDCR_EL3.{NSTB, NSTBE, TTRF, TPM}, CPTR_EL3.TTA) only affect
EL2 (and lower) execution. Each feat_init_el3() is called long before
any lower EL has had a chance to execute, so setting the bits at reset
is redundant. Removing them from reset code also improves readability of
the immutable EL3 state.
Preserve the original intention for the TTA bit of "enabled for NS and
disabled everywhere else" (inferred from commit messages d4582d3088 and
2031d6166a and the comment). This is because CPTR_EL3 will be contexted
and so everyone will eventually get whatever NS has anyway.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I3d24b45d3ea80882c8e450b2d9db9d5531facec1
With the introduction of FEAT_RME MDCR_EL3 bits NSPB and NSPBE depend on
each other. The enable code relies on the register being initialised to
zero and omits to reset NSPBE. However, this is not obvious. Reset the
bit explicitly to document this.
Similarly, reset the STE bit , since it's part of the feature enablement.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I3714507bae10042cdccd2b7bc713b31d4cdeb02f
Adding the AP/RSS interface for reading the ROTPK.
The read interface implements the psa_call:
psa_call(RSS_CRYPTO_HANDLE, PSA_IPC_CALL,
in_vec, IOVEC_LEN(in_vec),
out_vec, IOVEC_LEN(out_vec));
where the in_vec indicates which of the 3 ROTPKs we want,
and the out_vec stores the ROTPK value we get back from RSS.
Through this service, we will be able to read any of the 3
ROTPKs used on a CCA platform:
- ROTPK for CCA firmware (BL2, BL31, RMM).
- ROTPK for secure firmware.
- ROTPK for non-secure firmware.
Change-Id: I44c615588235cc797fdf38870b74b4c422be0a72
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Madhukar Pappireddy
Raghu Krishnamurthy
Raymond Mao
Bipin Ravi
Yann Gautier
Jacky Bai
Olivier Deprez
Gabriel Fernandez
thagon01-arm
Sona Mathew
Manish V Badarkhe
Prasad Kummari
Juan Pablo Conde
XiaoDong Huang
Boyan Karatotev
Andre Przywara
Rob Hughes
Govindraj Raja
Harrison Mutai
Rajasekaran Kalidoss
Arvind Ram Prakash
Omkar Anand Kulkarni
Jayanth Dodderi Chidanand
rutigl@gmail.com
Maksims Svecovs
laurenw-arm