This change introduces a few helper variables for dealing with verbose
and silent build modes: `silent`, `verbose`, `q` and `s`.
The `silent` and `verbose` variables are boolean values determining
whether the build system has been configured to run silently or
verbosely respectively (i.e. with `--silent` or `V=1`).
These two modes cannot be used together - if `silent` is truthy then
`verbose` is always falsy. As such:
make --silent V=1
... results in a silent build.
In addition to these boolean variables, we also introduce two new
variables - `s` and `q` - for use in rule recipes to conditionally
suppress the output of commands.
When building silently, `s` expands to a value which disables the
command that follows, and `q` expands to a value which supppresses
echoing of the command:
$(s)echo 'This command is neither echoed nor executed'
$(q)echo 'This command is executed but not echoed'
When building verbosely, `s` expands to a value which disables the
command that follows, and `q` expands to nothing:
$(s)echo 'This command is neither echoed nor executed'
$(q)echo 'This command is executed and echoed'
In all other cases, both `s` and `q` expand to a value which suppresses
echoing of the command that follows:
$(s)echo 'This command is executed but not echoed'
$(q)echo 'This command is executed but not echoed'
The `s` variable is predominantly useful for `echo` commands, where you
always want to suppress echoing of the command itself, whilst `q` is
more useful for all other commands.
Change-Id: I8d8ff6ed714d3cb401946c52955887ed7dca602b
Signed-off-by: Chris Kay <chris.kay@arm.com>
Generated this change-log using below command:
npm run release -- --skip.commit --skip.tag --release-as 2.11.0
Change-Id: I34c7b342549781057da1b18116500f110bc3f5ad
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Juan Pablo Conde <JuanPablo.Conde@arm.com>
This patch adds support in GPT library for configuration
of the memory block size protected by one bit of 'bitlock'
structure. Build option 'RME_GPT_BITLOCK_BLOCK' defines the
number of 512MB blocks covered by each bit. This numeric
parameter must be a power of 2 and can take the values from
0 to 512. Setting this value to 0 chooses a single spinlock
for all GPT L1 table entries. The default value is set to 1
which corresponds to 512MB per bit.
Change-Id: I710d178072894a3ef40daebea701f74d19e8a3d7
Signed-off-by: AlexeiFedorov <Alexei.Fedorov@arm.com>
Most developers run the `clean`, `checkpatch` and other similar targets
without specifying any other additional build options. When combined
with a flow where the developer passes `CROSS_COMPILE` or `CC`
explicitly, and where the default-configured tools are not on the PATH,
these targets will warn about unrecognized toolchain tools.
This change is a workaround for this whereby the toolchain makefile is
not expanded unless a target *not* named `*clean`, `check*` `doc` or
`*tool` has been specified.
Change-Id: I2f2a275964b65253df07c2207043217b14f615fe
Signed-off-by: Chris Kay <chris.kay@arm.com>
This patch adds support for large GPT mappings using
Contiguous descriptors. The maximum size of supported
contiguous block in MB is defined in RME_GPT_MAX_BLOCK
build parameter and takes values 0, 2, 32 and 512 and
by default set to 2 in make_helpers/defaults.mk.
Setting RME_GPT_MAX_BLOCK value to 0 disables use of
Contiguous descriptors.
Function gpt_tlbi_by_pa_ll() and its declaration
are removed from lib/aarch64/misc_helpers.S and
include/arch/aarch64/arch_helpers.h, because the
GPT library now uses tlbirpalos_xxx() functions.
Change-Id: Ia9a59bde1741c5666b4ca1de9324e6dfd6f734eb
Signed-off-by: AlexeiFedorov <Alexei.Fedorov@arm.com>
Adds driver support to preserve DSU PMU register values over a DSU
power cycle. This driver needs to be enabled by the platforms that
support DSU and also need it's PMU registers to be preserved
Change-Id: I7fc68a3d7d99ee369379aa5cd114fffc763fc0d2
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
The PSA FWU support is significantly matured in terms of
its design, threat model documentation, and implementation
as well as its adherence to the latest PSA FWU specifications.
Consequently, the experimental mark for this feature has been
removed.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ia6611e0c71485413b0da885f41ac59c93038e480
The DICE_PROTECTION_ENVIRONMENT support has been marked as experimental
since it has not incorporated into the threat model.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ic1ea4d59fd8a3fde7ce0404488a56e9d11bc1b85
This function causes the build message to be generated and compiled in
two different ways, with one way done inside `build_macros.mk` and the
other done inside `windows.mk`, mostly because it's done by generating
the C file on the command line.
We can instead replace this whole build message generation sequence with
a simple standard C compilation command and a normal C file.
Change-Id: I8bc136380c9585ddeec9a11154ee39ef70526f81
Signed-off-by: Chris Kay <chris.kay@arm.com>
This is a generic porting of what was done on ST platforms with flag
STM32MP_EARLY_CONSOLE. It creates the flag and the prototype for
plat_setup_early_console(). This function depends on platform
implementation. This function call is added at the beginning of each BL
image early setup function.
The patch also introduce an extra log macro: EARLY_ERROR. This can
replace ERROR macro in code that will only be executed before the
default console is enabled, and will do nothing when the EARLY_CONSOLE
is not enabled. This can then save some space in memory.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I77bf0a0c4289b4c7df94e4bfb783a938e05bf023
Currently both FEAT_MTE and FEAT_MTE_PERM aren't used for enabling
of any feature bits in EL3. So remove both FEAT handling.
All mte regs that are currently context saved/restored are needed
only when FEAT_MTE2 is enabled, so move to usage of FEAT_MTE2 and
remove FEAT_MTE usage.
BREAKING CHANGE: Any platform or downstream code trying to use
SCR_EL3.ATA bit(26) will see failures as this is now moved to be
used only with FEAT_MTE2 with
commit@ef0d0e5478a3f19cbe70a378b9b184036db38fe2
Change-Id: Id01e154156571f7792135639e17dc5c8d0e17cf8
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
FEAT_RME is OPTIONAL in an Armv9.2 implementation,
so set ARM_ARCH_MAJOR := 9 and ARM_ARCH_MINOR := 2
when TF-A is built with 'ENABLE_RME = 1'.
Change-Id: Ibcdb23bd057983eb846eed0b0da8c4d72ed696ae
Signed-off-by: AlexeiFedorov <Alexei.Fedorov@arm.com>
The client platform relies on the DICE attestation
scheme. RSS provides the DICE Protection Environment
(DPE) service. TF-A measured boot framework supports
multiple backends. A given platform always enables
the corresponding backend which is required by the
attestation scheme.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Idc3360d0d7216e4859e99b5db3d377407e0aeee5
The version 2 of the FWU metadata structure is designed such that the
information on the updatable images can be omitted from the metadata
structure. Add a configuration flag, PSA_FWU_METADATA_FW_STORE_DESC,
which is used to select whether the metadata structure has this
information included or not. It's value is set to 1 by default.
Change-Id: I4463a20c94d2c745ddb0b2cc8932c12d418fbd42
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
For example, build for PLAT=fvp SPD=spmd fails with a following error
when LTO is enabled using GCC 13.2.1:
aarch64-none-elf/bin/ld: /tmp/ccrG0Z8D.ltrans0.ltrans.o: in function `spmd_smc_forward':
arm-trusted-firmware/services/std_svc/spmd/spmd_main.c:749:(.text+0xbe50): undefined reference to `rdist_ctx'
aarch64-none-elf/bin/ld: arm-trusted-firmware/services/std_svc/spmd/spmd_main.c:749:(.text+0xbe58): undefined reference to `dist_ctx'
collect2: error: ld returned 1 exit status
Access to rdist_ctx and dist_ctx is defined using inline assembler
like
__asm__ volatile ("ldr %0, =rdist_ctx" : "=r" (v) : "X" (rdist_ctx));
Access assembler function definitions moved to a different ltrans then
actual variables. Partitioner doesn't take into account defined and
used symbols in inline assembler. Depending on compiler partitioner
decision the same code builds for some platforms successfully.
This is a known gcc problem
1. https://gcc.gnu.org/bugzilla/show_bug.cgi?id=57703
2. https://gcc.gnu.org/bugzilla/show_bug.cgi?id=46820
TF-A source code isn't that big and enforcing single partitioning will
not affect build performance, but will fix problems with 'undefined
references' related to inline assembler.
Change-Id: I72955ab0318f72b588d3a246824f99a48a92d8ef
Signed-off-by: Andrey Skvortsov <andrej.skvortzov@gmail.com>
Also increase add PLAT_ARM_SP_MAX_SIZE to override the default
ARM_SP_MAX_SIZE to support Trusty image and move OPTEE_SP_FW_CONFIG
documentation to build-internals.rst as it's not externally set-able.
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ief90ae9113d32265ee2200f35f3e517b7b9a4bea
Add support for feat mte2. tfsr_el2 is available only with mte2,
however currently its context_save/restore is done with mte rather than
mte2, so introduce 'is_feat_mte2_supported' to check mte2.
Change-Id: I108d9989a8f5b4d1d2f3b9865a914056fa566cf2
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Having a comment at the end of VERSION_PATCH definition line prevent
the release script to work properly. Move it on the previous line.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I4008ccbccd512edf33f67c645b38937ad1af9777
The toolchain refactor change introduces the `${toolchain}-${tool}-id`
variables, which provide identifiers for all of the toolchain tools used
by the build system. This change replaces the various conditions that
are in use to identify these tools based on the path with a standard set
of comparisons against these new identifier variables.
Change-Id: Ib60e592359fa6e415c19a012e68d660f87436ca7
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change migrates the values of `CC`, `CPP`, `AS` and other toolchain
variables to the new `$(toolchain)-$(tool)` variables, which were
introduced by the toolchain refactor patch. These variables should be
equivalent to the values that they're replacing.
Change-Id: I644fe4ce82ef1894bed129ddb4b6ab94fb04985d
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change refactors how we identify the toolchain, with the ultimate
aim of eventually cleaning up the various mechanisms that we employ to
configure default tools, identify the tools in use, and configure
toolchain flags.
To do this, we introduce three new concepts in this change:
- Toolchain identifiers,
- Tool class identifiers, and
- Tool identifiers.
Toolchain identifiers identify a configurable chain of tools targeting
one platform/machine/architecture. Today, these are:
- The host machine, which receives the `host` identifier,
- The AArch32 architecture, which receives the `aarch32` identifier, and
- The AArch64 architecture, which receivs the `aarch64` identifier.
The tools in a toolchain may come from different vendors, and are not
necessarily expected to come from one single toolchain distribution. In
most cases it is perfectly valid to mix tools from different toolchain
distributions, with some exceptions (notably, link-time optimization
generally requires the compiler and the linker to be aligned).
Tool class identifiers identify a class (or "role") of a tool. C
compilers, assemblers and linkers are all examples of tool classes.
Tool identifiers identify a specific tool recognized and supported by
the build system. Every tool that can make up a part of a toolchain must
receive a tool identifier.
These new identifiers can be used to retrieve information about the
toolchain in a more standardized fashion.
For example, logic in a Makefile that should only execute when the C
compiler is GNU GCC can now check the tool identifier for the C compiler
in the relevant toolchain:
ifeq ($($(ARCH)-cc-id),gnu-gcc)
...
endif
Change-Id: Icc23e43aaa32f4fd01d8187c5202f5012a634e7c
Signed-off-by: Chris Kay <chris.kay@arm.com>
All mandatory FEAT_* enabling is done from arch_features.mk.
Remove some old code which would enable some mandatory options based
on arch-features option passed to march appending.
This is now not needed anymore since if we are using correct
ARCH_MAJOR/MINOR the mandatory options will taken care from
arch_features.mk
Change-Id: I8565ac4ebb3ced29835be65ea5b043a08810872f
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Currently all march compiler option handling is moved to build
utility in march.mk.
We pass arch-features to build which appends to march options,
so this should be done once we decide march options and moving
it to march.mk file.
Change-Id: Ifaf99af5f371fd28db376a12657ccf4f363295c2
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
This feature provides support to context save the
SCXTNUM_ELx register. FEAT_CSV2_3 implies the implementation
of FEAT_CSV2_2. FEAT_CSV2_3 is supported in AArch64 state only
and is an optional feature in Arm v8.0 implementations.
This patch adds feature detection for v8.9 feature FEAT_CSV2_3,
adds macros for ID_AA64PFR0_EL1.CSV2 bits [59:56] for detecting
FEAT_CSV2_3 and macro for ENABLE_FEAT_CSV2_3.
Change-Id: Ida9f31e832b5f11bd89eebd6cc9f10ddad755c14
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Currently CTX_INCLUDE_MTE_REGS is used for dual purpose,
to enable allocation tags register and to context save and restore
them and also to check if mte feature is available.
To make it more meaningful, remove CTX_INCLUDE_MTE_REGS
and introduce FEAT_MTE. This would enable allocation tags register
when FEAT_MTE is enabled and also supported from platform.
Also arch features can be conditionally enabled disabled based on
arch version from `make_helpers/arch_features.mk`
Change-Id: Ibdd2d43874634ad7ddff93c7edad6044ae1631ed
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
No part of the build system uses the `NM` variable, which is usually
used to dump symbol tables from compiled images. This change removes all
declarations of it.
Change-Id: I796ff365e6a7f97d21678f1c8cf8b59bfbb1ae9c
Signed-off-by: Chris Kay <chris.kay@arm.com>
The `gcc-ar` wrapper exists to make it easier to support LTO on some
versions of GCC. The two commands are compatible, accepting exactly the
same arguments, so this change moves us to `gcc-ar` to ensure that we
are configuring LTO correctly.
Change-Id: I24a4cfaad29d35b09f847299081f83ca9b41aa8a
Signed-off-by: Chris Kay <chris.kay@arm.com>
This flag is currently not included when linking with BFD via GCC.
Without it, builds can fail when linking via GCC.
Change-Id: Id37e05f6fb4eea4620861eb1bc8668c41f21ba20
Signed-off-by: Chris Kay <chris.kay@arm.com>
We're a bit inconsistent about which tool we use to preprocess source
files; in some places we use `$(CC) -E` whilst in others we use `cpp`.
This change forces all invocations of the C preprocessor to use the
first scheme, which ensures that the preprocessor behaves the same way
as the C compiler used when compiling C source files.
Change-Id: Iede2f25ff86ea8b43d7a523e32648058d5023832
Signed-off-by: Chris Kay <chris.kay@arm.com>
This patch provides a reporting functionality to display the memory
consumed by the context in each security state and for each exception
level. Flag PLATFORM_REPORT_CTX_MEM_USE enables or disables this
feature.
Change-Id: I1515366bf87561dcedf2b3206be167804df681d4
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
New build option CTX_INCLUDE_MPAM_REGS is added to select
if the firmware needs to save the MPAM EL2 registers during world
switches. This option is currently disabled as MPAM is only
enabled for NS world.
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: Ie2e5e184cdb65f7e1a98d8fe81590253fd859679
Added changelog for v2.10 release.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: Id06263047fcc1ec60e82f85cd09e2e4bc95830f5
This patch enables support for the gcc compiler option "-mharden-sls",
the default is not to use this option. Setting HARDEN_SLS=1 sets
"-mharden-sls=all" that enables all hardening against straight line
speculation.
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I59f5963c22431571f5aebe7e0c5642b32362f4c9
This reverts commit 0abbfab320.
Reason for revert: Changelog was based on rc0 tag but we got few more patches after that which were not captured.
Change-Id: I9829f2b6dc09f0bd5c538845cbae051f6e4c8a75
Removed the PLAT_RSS_NOT_SUPPORTED build option, which was initially
introduced for building the Base AEM FVP platform platform with RSS.
However, we now have a well-defined TC2 platform with RSS, making it
unnecessary to keep this flag.
Note -
Theoretically this is a breaking change. Other platforms could be
using the PLAT_RSS_NOT_SUPPORTED build option. Among upstream platforms,
only the Base AEM FVP uses it right now but we don't know about
downstream platforms.
Change-Id: I931905a4c6ac1ebe3895ab6e0287d0fa07721707
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
CryptoCell-712 and CryptoCell-713 drivers have been deprecated since
TF-A v2.9 and their removal was announced for TF-A v2.10 release.
See [1].
As the release is approaching, this patch deletes these drivers' code as
well as all references to them in the documentation and Arm platforms
code (Nuvoton platform is taken care in a subsequent patch). Associated
build options (ARM_CRYPTOCELL_INTEG and PLAT_CRYPTOCELL_BASE) have also
been removed and thus will have no effect if defined.
This is a breaking change for downstream platforms which use these
drivers.
[1] https://trustedfirmware-a.readthedocs.io/en/v2.9/about/release-information.html#removal-of-deprecated-drivers
Note that TF-A v3.0 release later got renumbered into v2.10.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: Idabbc9115f6732ac1a0e52b273d3380677a39813
Include platform headers in DT build to enable build time configuration
of number of execution context supported by the platform.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I5b9ffc9865f198a1f802fcb5e0950a5fabb48727
Introducing INIT_UNUSED_NS_EL2 macro which guards the code that
disables the unused EL2 when a platform hands off from EL3
to NS-EL1 instead of NS-EL2. Platforms without NS-EL2 in use
must enable this flag.
BREAKING CHANGE: Initialisation code for handoff from EL3 to NS-EL1
disabled by default. Platforms which do that need to enable this macro
going forward
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I61431cc4f7e2feb568d472828e5fd79cc73e51f5
1. build-id takes space in memory
2. in some cases for lto build linker decided to put new
.note.gnu.build-id section before .text section. The result was
non-working image, because entry point wasn't at __BLXX_START__
anymore.
Signed-off-by: Andrey Skvortsov <andrej.skvortzov@gmail.com>
Change-Id: Id78ccbc51e5ef82296069444ab438a1964a74e78
Add a chapter "Version numbering" in release information file that
explains macros used for TF-A version. It also introduces VERSION_PATCH
macro that is used for LTS releases. A comment for this macro is also
added in Makefile.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I946b6cb91bb8454131f07b24534d28ab1aef1771
Commit(3547270f5 refactor(build): reorder platform Makefile
evaluation) re-ordered platform makefile inclusion before
arch_features evaluations, but then it fails to remove the dependency
that were moved and thus have double evaluation of some build
variables apparently this breaks BUILD_PLAT.
Additionally remove duplicate checks in SPMD similar checks are in
place in main level makefile.
Change-Id: I5a71624fc43977054467ec6502ce359fb1d08838
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
This patch removes RAS_FFH_SUPPORT macro which is the combination of
ENABLE_FEAT_RAS and HANDLE_EA_EL3_FIRST_NS. Instead introduce an
internal macro FFH_SUPPORT which gets enabled when platforms wants
to enable lower EL EA handling at EL3. The internal macro FFH_SUPPORT
will be automatically enabled if HANDLE_EA_EL3_FIRST_NS is enabled.
FFH_SUPPORT along with ENABLE_FEAT_RAS will be used in source files
to provide equivalent check which was provided by RAS_FFH_SUPPORT
earlier. In generic code we needed a macro which could abstract both
HANDLE_EA_EL3_FIRST_NS and RAS_FFH_SUPPORT macros that had limitations.
Former was tied up with NS world only while the latter was tied to RAS
feature.
This is to allow Secure/Realm world to have their own FFH macros
in future.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ie5692ccbf462f5dcc3f005a5beea5aa35124ac73
As part of migrating RAS extension to feature detection mechanism, the
macro ENABLE_FEAT_RAS was allowed to have dynamic detection (FEAT_STATE
2). Considering this feature does impact execution of EL3 and we need
to know at compile time about the presence of this feature. Do not use
dynamic detection part of feature detection mechanism.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I23858f641f81fbd81b6b17504eb4a2cc65c1a752
With changes to refactor to use first platform makefiles
then parse arch_features.mk file 'ENABLE_RME' will be initialised
only when we define during build or at arch_features.mk thus
making comparison of 'ENABLE_RME' to '0' incorrect.
So keep BRBE disabled when RME is enabled at main makefile level.
Change-Id: I7e3d99eb444678d63585bd5971ada627cfc4fcc9
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Commit(f5211420b refactor(cpufeat): refactor arch feature build
options) ensures mandatory arch features are enabled based on
ARM_ARCH_MAJOR and ARM_ARCH_MINOR, which would be expected to be
provided from platform makefile. However it missed ensuring platform
makefile is included before parsing and enabling any mandatory arch
features.
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Change-Id: Ia0ccb7d73b2d24c87d3d235babed4704230bec28
Restricts MPAM to only NS world and enables trap to EL3 for access of
MPAM registers from lower ELs of Secure and Realm world.
This patch removes MPAM enablement from global context and adds it to
EL3 State context which enables/disables MPAM during world switches.
Renamed ENABLE_MPAM_FOR_LOWER_ELS to ENABLE_FEAT_MPAM and
removed mpam_init_el3() as RESET behaviour is trapping.
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I131f9dba5df236a71959b2d425ee11af7f3c38c4
When trying to compile and link with gcc on an Aarch32 platform, there
is the following error:
arm-none-eabi-gcc: error: unrecognized command-line option
'-mno-fix-cortex-a53-843419'; did you mean '-mno-fix-cortex-m3-ldrd'?
This option seems specific to Aarch64 version of GCC.
Enclose it with a check on ARCH=aarch64.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I8c8cb784ce2f2938c4c6999745dda09ee9a5669d
Chris Kay
Manish V Badarkhe
AlexeiFedorov
Arvind Ram Prakash
Yann Gautier
Govindraj Raja
Tamas Ban
Sughosh Ganu
Andrey Skvortsov
Arunachalam Ganapathy
Olivier Deprez
Sona Mathew
Juan Pablo Conde
Bipin Ravi
Manish Pandey
Sandrine Bailleux
Nishant Sharma