Since STM32MP1 platform supports different boards, it is necessary
to build for a particular board. With the current instructions, the
user has to modify the DTB_FILE_NAME variable in platform.mk for
building for a particular board, but this can be avoided by passing
the appropriate board DTB name via DTB_FILE_NAME make variable.
Hence document the same in platform doc.
Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
Change-Id: I16797e7256c7eb699a7b8846356fe430d0fe0aa1
This adds a rockchip.rst to docs/plat documenting the general
approach to using the Rockchip ATF platforms together with the
supported bootloaders and also adds myself as maintainer after
making sure Tony Xie is ok with that.
Signed-off-by: Heiko Stuebner <heiko@sntech.de>
Change-Id: Idce53d15eff4ac6de05bbb35d86e57ed50d0cbb9
Support booting OP-TEE as BL32 boot stage and secure runtime
service.
OP-TEE executes in internal RAM and uses a secure DDR area to store
the pager pagestore. Memory mapping and TZC are configured accordingly
prior OP-TEE boot. OP-TEE image is expected in OP-TEE v2 format where
a header file describes the effective boot images. This change
post processes header file content to get OP-TEE load addresses
and set OP-TEE boot arguments.
Change-Id: I02ef8b915e4be3e95b27029357d799d70e01cd44
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
The i.MX8M Mini is new SOC of the i.MX8M family. it is
focused on delivering the latest and greatest video and
audio experience combining state-of-the-art media-specific
features with high-performance processing while optimized
for lowest power consumption. The i.MX 8M Mini Media Applications
Processor is 14nm FinFET product of the growing i.MX8M family
targeting the consumer & industrial market. It is built in 14LPP
to achieve both high performance and low power consumption
and relies on a powerful fully coherent core complex based on
a quad Cortex-A53 cluster with video and graphics accelerators
this patch add the basic support for i.MX8MM.
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
This patch provides support for using the scatterfile format as
the linker script with the 'armlink' linker for Tegra platforms.
In order to enable the scatterfile usage the following changes
have been made:
* provide mapping for ld.S symbols in bl_common.h
* include bl_common.h from all the affected files
* update the makefile rules to use the scatterfile and armlink
to compile BL31
* update pubsub.h to add sections to the scatterfile
NOTE: THIS CHANGE HAS BEEN VERIFIED WITH TEGRA PLATFORMS ONLY.
Change-Id: I7bb78b991c97d74a842e5635c74cb0b18e0fce67
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
This adds BL31 support to Intel Stratix10 SoCFPGA platform. BL31 in TF-A
supports:
- PSCI calls to enable 4 CPU cores
- PSCI mailbox calls for FPGA reconfiguration
Signed-off-by: Loh Tien Hock <tien.hock.loh@intel.com>
A link to st.com page describing STM32MP1 is added.
Add the information about Cortex-M4 embedded in STM32MP1.
Correct typo for u-boot command.
Change-Id: Ie900f6ee59461c5e7ad8a8b06854abaf41fca3ce
Signed-off-by: Yann Gautier <yann.gautier@st.com>
This documentation contains information about the boot sequence,
code location and build procedure for fvp_ve platform.
Change-Id: I339903f663cc625cfabc75ed8e4accb8b2c3917c
Signed-off-by: Usama Arif <usama.arif@arm.com>
Using Sphinx linkcheck on the TF-A docs revealed some broken
or permanently-redirected links. These have been updated where
possible.
Change-Id: Ie1fead47972ede3331973759b50ee466264bd2ee
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
This patch adds information about the Tegra186 platforms to the
docs.
Change-Id: I69525c60a0126030dc15505ec7f02ccf8250be6f
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
The non secure world would like to profile the boot path for
the EL3 and S-EL1 firmwares. To allow it to do that, a non-secure
DRAM region (4K) is allocated and the base address is passed to
the EL3 firmware.
This patch adds a library to allow the platform code to store the
tag:timestamp pair to the shared memory. The tegra platform code
then uses the `record` method to add timestamps.
Original change by Akshay Sharan <asharan@nvidia.com>
Change-Id: Idbbef9c83ed84a508b04d85a6637775960dc94ba
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
This patch updates the WaRP7 build descriptions for booting WaRP7 in
Trusted Board Boot mode. TBB is the only mode we really intend to support
for this board so rather than maintain documentation for the old way of
doing it, this patch updates the description for TBB mode only.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
This patch adds capability to read the boot flag to enable L2 ECC
and Parity Protection bit for the Cortex-A57 CPUs. The previous
bootloader sets this flag value for the platform.
* with some coverity fix:
MISRA C-2012 Directive 4.6
MISRA C-2012 Rule 2.5
MISRA C-2012 Rule 10.3
MISRA C-2012 Rule 10.4
Change-Id: Id7303bbbdc290b52919356c31625847b8904b073
Signed-off-by: Harvey Hsieh <hhsieh@nvidia.com>
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
i.MX8MQ is new SOC of NXP's i.MX8M family based on
A53. It can provide industry-leading audio, voice
and video processing for applications that scale
from consumer home audio to industrial building
automation and mobile computers
this patchset add the basic supoort to boot up
the 4 X A53. more feature will be added later.
Signed-off-by: Bai Ping <ping.bai@nxp.com>
The default Raspberry Pi 3 memory mapping for ATF is geared towards
the use of uboot + Linux. This creates issues when trying to use
ATF with an UEFI payload and Windows on ARM64.
We therefore introduce new build option RPI3_USE_UEFI_MAP, that
enables the build process to use an alternate memory mapping that
is compatible with UEFI + Windows (as well as UEFI + Linux).
FixesARM-software/tf-issues#649
Signed-off-by: Pete Batard <pete@akeo.ie>
Some OSes (e.g. Ubuntu 18.04 LTS on Raspberry Pi 3) may disable the
runtime UART in a manner that prevents the system from rebooting if
ATF tries to send runtime messages there.
Also, we don't want the firmware to share the UART with normal
world, as this can be a DoS attack vector into the secure world.
This patch fixes these 2 issues by introducing new build option
RPI3_RUNTIME_UART, that disables the runtime UART by default.
FixesARM-software/tf-issues#647
Signed-off-by: Pete Batard <pete@akeo.ie>
Xilinx is introducing Versal, an adaptive compute acceleration platform
(ACAP), built on 7nm FinFET process technology. Versal ACAPs combine Scalar
Processing Engines, Adaptable Hardware Engines, and Intelligent Engines with
leading-edge memory and interfacing technologies to deliver powerful
heterogeneous acceleration for any application. The Versal AI Core series has
five devices, offering 128 to 400 AI Engines. The series includes dual-core Arm
Cortex-A72 application processors, dual-core Arm Cortex-R5 real-time
processors, 256KB of on-chip memory with ECC, more than 1,900 DSP engines
optimized for high-precision floating point with low latency.
This patch adds Virtual QEMU platform support for
this SoC "versal_virt".
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
When a device tree blob is present at a known address, instead of, for
example, relying on the user modifying the Linux command line to warn
about the memory reserved for the Trusted Firmware, pass it on the DTB.
The current code deletes the memory reserved for the default bootstrap
of the Raspberry Pi and adds the region used by the Trusted Firmware.
This system replaces the previous one consisting on adding
``memmap=16M$256M`` to the Linux command line. It's also meant to be
used by U-Boot and any other bootloader that understands DTB files.
Change-Id: I13ee528475fb043d6e8d9e9f24228e37ac3ac436
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Reference code:
==============
rar_gen3: IPL and Secure Monitor Rev1.0.22
https://github.com/renesas-rcar/arm-trusted-firmware [rcar_gen3]
Author: Takuya Sakata <takuya.sakata.wz@bp.renesas.com>
Date: Thu Aug 30 21:26:41 2018 +0900
Update IPL and Secure Monitor Rev1.0.22
General Information:
===================
This port has been tested on the Salvator-X Soc_id r8a7795 revision
ES1.1 (uses an SPD).
Build Tested:
-------------
ATFW_OPT="LSI=H3 RCAR_DRAM_SPLIT=1 RCAR_LOSSY_ENABLE=1"
MBEDTLS_DIR=$mbedtls
$ make clean bl2 bl31 rcar PLAT=rcar ${ATFW_OPT} SPD=opteed
Other dependencies:
------------------
* mbed_tls:
git@github.com:ARMmbed/mbedtls.git [devel]
Merge: 68dbc94 f34a4c1
Author: Simon Butcher <simon.butcher@arm.com>
Date: Thu Aug 30 00:57:28 2018 +0100
* optee_os:
https://github.com/BayLibre/optee_os
Until it gets merged into OP-TEE, the port requires Renesas' Trusted
Environment with a modification to support power management.
Author: Jorge Ramirez-Ortiz <jramirez@baylibre.com>
Date: Thu Aug 30 16:49:49 2018 +0200
plat-rcar: cpu-suspend: handle the power level
Signed-off-by: Jorge Ramirez-Ortiz <jramirez@baylibre.com>
* u-boot:
The port has beent tested using mainline uboot.
Author: Fabio Estevam <festevam@gmail.com>
Date: Tue Sep 4 10:23:12 2018 -0300
*linux:
The port has beent tested using mainline kernel.
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date: Sun Sep 16 11:52:37 2018 -0700
Linux 4.19-rc4
Overview
---------
BOOTROM starts the cpu at EL3; In this port BL2 will therefore be entered
at this exception level (the Renesas' ATF reference tree [1] resets into
EL1 before entering BL2 - see its bl2.ld.S)
BL2 initializes DDR (and i2c to talk to the PMIC on some platforms)
before determining the boot reason (cold or warm).
During suspend all CPUs are switched off and the DDR is put in
backup mode (some kind of self-refresh mode). This means that BL2 is
always entered in a cold boot scenario.
Once BL2 boots, it determines the boot reason, writes it to shared
memory (BOOT_KIND_BASE) together with the BL31 parameters
(PARAMS_BASE) and jumps to BL31.
To all effects, BL31 is as if it is being entered in reset mode since
it still needs to initialize the rest of the cores; this is the reason
behind using direct shared memory access to BOOT_KIND_BASE and
PARAMS_BASE instead of using registers to get to those locations (see
el3_common_macros.S and bl31_entrypoint.S for the RESET_TO_BL31 use
case).
Depending on the boot reason BL31 initializes the rest of the cores:
in case of suspend, it uses a MBOX memory region to recover the
program counters.
[1] https://github.com/renesas-rcar/arm-trusted-firmware
Tests
-----
* cpuidle
-------
enable kernel's cpuidle arm_idle driver and boot
* system suspend
--------------
$ cat suspend.sh
#!/bin/bash
i2cset -f -y 7 0x30 0x20 0x0F
read -p "Switch off SW23 and press return " foo
echo mem > /sys/power/state
* cpu hotplug:
------------
$ cat offline.sh
#!/bin/bash
nbr=$1
echo 0 > /sys/devices/system/cpu/cpu$nbr/online
printf "ONLINE: " && cat /sys/devices/system/cpu/online
printf "OFFLINE: " && cat /sys/devices/system/cpu/offline
$ cat online.sh
#!/bin/bash
nbr=$1
echo 1 > /sys/devices/system/cpu/cpu$nbr/online
printf "ONLINE: " && cat /sys/devices/system/cpu/online
printf "OFFLINE: " && cat /sys/devices/system/cpu/offline
Signed-off-by: ldts <jramirez@baylibre.com>
This patch describes the boot-flow and building of the WaRP7 TF-A port.
What it describes is booting and unsigned TF-A.
A very brief section has been added on signing BL2 which is in no-way
comprehensive. For a comprehensive description of the signing process try
the Boundary Devices blog on the matter.
https://boundarydevices.com/high-assurance-boot-hab-dummies/
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
The Non-secure DRAM region shouldn't be protected in the range specified
in the Linux command line with memmap.
This change also increases the size of the Secure DRAM region.
Change-Id: I306e9e443a84b834c99739f54a534a3ca3be2424
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
In the memory map of the documentation the kernel only had 16MiB of
allocated space. This leaves very little room for growth, so the
addresses of the DTB and the kernel have been interchanged.
The documentation has been updated to reflect this change.
Change-Id: Ib6eab69f047fa88561fb755397ce3a0b356c8860
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Add information about direct Linux kernel boot for kernels that support
PSCI.
Change-Id: I05f76aa36398edabf411cb25a646437af1862e6e
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
It uses the hardware RNG in a similar way as Juno (it gets 128 bits of
entropy and does xor on them).
It is disabled by default.
Change-Id: I8b3adb61f5a5623716e0e8b6799404c68dd94c60
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
There is no way to boot BL31 at the addresses specified in the platform
memory map unless an extra loader is used at address 0x00000000. It is
better to remove it to prevent confusion. Having it enabled was a bug.
Change-Id: I3229fbc080f5996cff47efce8e799bae94e0d5cb
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Add a new default makefile target to concatenate BL1 and the FIP and
generate armstub8.bin. This way it isn't needed to do it manually.
Documentation updated to reflect the changes.
Change-Id: Id5b5b1b7b9f87767db63fd01180ddfea855a7207
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Running optee_test failed because SEC_DRAM0_SIZE is too small. Previous
is 2 MB. We enlarge it to 11 MB for passing the test. Also we reduce
the NS_DRAM0_SIZE from 13MB to 4MB so that the whole section is still
fit in 16MB.
This commit also modified the document to reflect the changes we've
made in code.
Tested-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Implement minimal interrupt routing functions. All interrupts are
treated as non-secure interrupts to be handled by the non-secure world.
Add note to the documentation about disabling FIQs qhen using OP-TEE
with Linux.
Change-Id: I937096542d973925e43ae946c5d0b306d0d95a94
Tested-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Add paragraph for how to enable Trusted Board Boot for rpi3
Tested-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>
For Trusted Board Boot we enlarge the BL1 size from 64k to 128k.
Tested-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
The H6 is Allwinner's most recent SoC. It shares most peripherals with the
other ARMv8 Allwinner SoCs (A64/H5), but has a completely different memory
map.
Introduce a separate platform target, which includes a different header
file to cater for the address differences. Also add the new build target
to the documentation.
The new ATF platform name is "sun50i_h6".
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Add two empty lines to denote the paragraphs properly and improve
readability.
Reported-by: Samuel Holland <samuel@sholland.org>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
This patch is an attempt to run Trusted OS (OP-TEE OS being one of them) along
side BL31 image.
ATF supports multiple SPD's that can take dispatcher name (opteed for OP-TEE OS)
as an input using the 'SPD=<dispatcher name>' option during bl31 build.
Signed-off-by: Amit Singh Tomar <amittomer25@gmail.com>
This patch is an attempt to run Trusted OS (OP-TEE OS being one of them) along
side BL31 image.
ATF supports multiple SPD's that can take dispatcher name (opteed for OP-TEE OS)
as an input using the 'SPD=<dispatcher name>' option during bl31 build.
Signed-off-by: Amit Singh Tomar <amittomer25@gmail.com>
Add Makefile and plaform definations file.
My thanks to Daniel Thompson and Ard Biesheuvel for the bits and pieces
I've taken from their earlier work regarding build and deploy steps for
Developerbox based on Synquacer SoCs. They deserve much of the credit
for this work although, since I assembled and tested things, any blame
is probably mine.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Tested-by: Daniel Thompson <daniel.thompson@linaro.org>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Create the baseline Makefile, platform definitions file and platform
specific assembly macros file. This includes first set of constants
for the platform including cache sizes and linker format and a stub for
BL31 and the basic memory layout
K3 SoC family of processors do not use require a BL1 or BL2 binary,
since such functions are provided by an system controller on the SoC.
This lowers the burden of ATF to purely managing the local ARM cores
themselves.
Signed-off-by: Benjamin Fair <b-fair@ti.com>
Signed-off-by: Nishanth Menon <nm@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
NXP's i.MX8QM is an ARMv8 SoC with 2 clusters, 2 Cortex-A72
cores in one cluster and 4 Cortex-A53 in the other cluster,
and also has system controller (Cortex-M4) inside, documentation
can be found in below link:
https://www.nxp.com/products/processors-and-microcontrollers/
applications-processors/i.mx-applications-processors/i.mx-8-processors:IMX8-SERIES
This patch adds support for booting up SMP linux kernel (v4.9).
Signed-off-by: Anson Huang <Anson.Huang@nxp.com>
NXP's i.MX8QX is an ARMv8 SoC with 4 Cortex-A35 cores and
system controller (Cortex-M4) inside, documentation can
be found in below link:
https://www.nxp.com/products/processors-and-microcontrollers/
applications-processors/i.mx-applications-processors/i.mx-8-processors:IMX8-SERIES
This patch adds support for booting up SMP linux kernel (v4.9).
Signed-off-by: Anson Huang <Anson.Huang@nxp.com>
The Allwinner A64 SoC is quite popular on single board computers.
It comes with four Cortex-A53 cores in a singe cluster and the usual
peripherals for set-top box/tablet SoC.
The ATF platform target is called "sun50i_a64".
[Andre: adapted to amended directory layout, removed unneeded definitions ]
Signed-off-by: Samuel Holland <samuel@sholland.org>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
The order of the arguments of memmap was swapped. The old command was
reserving 256 MiB from the 16 MiB barrier, it should be reserving only
16 MiB at the 256 MiB barrier.
It worked because the memory used by the Trusted Firmware was reserved
anyway.
Change-Id: I3fefcfc0105ecf05ba5606517bc3236f4eb24ceb
Tested-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
This patch introduce TF-A support for NXP's ls1043a platform.
more details information of ls1043a chip and ls1043ardb board
can be found at docs/plat/ls1043a.rst.
Boot sequence on ls1043a is: bootrom loads bl1 firstly, then bl1
loads bl2, bl2 will load bl31, bl32 and bl33, bl31 will boot
bl32(tee os) and bl33(u-boot or uefi), bl33 boot Linux kernel.
Now TF-A on ls1043ardb platform has the following features in this patch:
* Support boot from Nor flash.
* TF-A can boot bl33 which runs in el2 of non-secure world.
* TF-A boot OPTee OS.
* Support PSCI
Signed-off-by: Jiafei Pan <Jiafei.Pan@nxp.com>
Signed-off-by: Chenyin.Ha <Chenyin.Ha@nxp.com>
Signed-off-by: Chenhui Zhao <chenhui.zhao@nxp.com>
Signed-off-by: jiaheng.fan <jiaheng.fan@nxp.com>
Signed-off-by: Wen He <wen.he_1@nxp.com>
Switch to the new console APIs enabled by setting MULTI_CONSOLE_API=1.
The crash console doesn't use this API, it uses internally the core
functions of the 16550 console.
`bl31_plat_runtime_setup` is no longer needed. When this platform port
was introduced, that function used to disable the console. It was needed
to override that behaviour. The new behaviour is to switch to the
runtime console. The console is registered for all scopes (boot, crash
and runtime) in `rpi3_console_init` so it is not needed to override the
default behaviour anymore.
Update documentation.
Change-Id: If2ee8f91044216183b7ef142e5c05ad6220ae92f
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
kenny liang
Manivannan Sadhasivam
Heiko Stuebner
Yann Gautier
Remi Pommarel
Jacky Bai
Varun Wadekar
Tien Hock, Loh
Usama Arif
Paul Beesley
Bryan O'Donoghue
Harvey Hsieh
Pete Batard
Siva Durga Prasad Paladugu
Antonio Nino Diaz
Jorge Ramirez-Ortiz
Ying-Chun Liu (PaulLiu)
Andre Przywara
Amit Singh Tomar
Sumit Garg
Nishanth Menon
Anson Huang
Samuel Holland
Jiafei Pan