Since there is no product deployed running EL3 in AArch32 mode for
Cortex-A57 and Cortex-A72, report the workaround for CVE-2022-23960
as missing on these cores.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I14d202c1179707257086ad0c4795c397e566b3e6
SMPLSEL and DRVSEL values need to be updated in
DWMMC for the IP to work correctly. This applies
to Stratix 10 devices only.
Signed-off-by: Loh Tien Hock <tien.hock.loh@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ibd799a65890690682e27e4cbbc85e83ea03d51fc
This adds F2S and S2F bridge enable, disable and reset
sequences to properly enable, disable and reset the bridges
in SMC calls or during reset.
The reset is also maskable, as the SMC from U-Boot can
pass in the bridge mask when requesting bridge
enable or disable.
Signed-off-by: Loh Tien Hock <tien.hock.loh@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ie144518c591664ef880016c9b3706968411bbf21
This is a mandatory entry in an SP's manifest; however,
currently an S-EL1 partition running under the EL3 SPMC
must have the same number of execution contexts as
physical cores, therefore just check that the entry matches
this value.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I4c2a85ccde7a7bb9b1232cf6389a8c532cbf3d41
To align with other SPMC implementations parse the UUID
from the SP manifest as 4 uint32 values and store
this internally.
Change-Id: I7de5d5ef8d98dc14bc7c76892133c2333358a379
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Add mailbox structs to the partition descriptors
and ensure these are initialised correctly.
Change-Id: Ie80166d19763c266b6a1d23e351d312dc31fb221
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
For EL3 SPMC configuration enabled platforms, allow the reuse of
BL32 specific definitions.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I37ffbbf680326c101fbb2f146085a96c138f07a1
Introduce additional #defines for running with the EL3
SPMC on the FVP.
The increase in xlat tables has been chosen to allow
the test cases to complete successfully and may need
adjusting depending on the desired use case.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I7f44344ff8b74ae8907d53ebb652ff8def2d2562
Add an example logical partition to the FVP platform that
simply prints and echoes the contents of a direct request
with the appropriate direct response.
Change-Id: Ib2052c9a63a74830e5e83bd8c128c5f9b0d94658
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Added myself and Sandrine Bailleux as code owners for Firmware
Update driver.
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Change-Id: I34fad895c6236fedc814fb6da4b04fd7fbed9227
Change the OPTEE FF-A manifest to comply with changes to the sp pkg [1].
The sptool packs the image at the default offset of 0x4000, if it is not
provided in the arguments.
[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/14507
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I647950410114f7fc24926696212bb7f8101390ac
To cope with the changes/design decisions in the implementation of
the boot protocol from the FF-A v1.1 specification in the S-EL2 SPM,
we have changed the format of the sp pkg header.
These changes need to be reflected in the sptool, used for packaging
the SP binary, and the SP's FF-A manifest. Now the SP pkg can
contain the boot information blob as defined by the FF-A specification.
To cater for these changes, bring to the TF-A project an equivalent to
the tool used in the Hafnium project.
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I046f5d6e3c2ef0ba6c87f65302e127dedef34c28
Introduce a framework to support running logical
partitions alongside the SPMC in EL3 as per the
v1.1 FF-A spec.
The DECLARE_LOGICAL_PARTITION macro has been added to
simplify the process to define a Logical Partition.
The partitions themselves are statically allocated
with the descriptors placed in RO memory.
It is assumed that the MAX_EL3_LP_DESCS_COUNT will
be defined by the platform.
Change-Id: I1c2523e0ad2d9c5d36aeeef6b8bcb1e80db7c443
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Mediatek's mt6795 platform was deprecated in the 2.5 release and as per [1]
a platform which has been marked deprecated should be removed from the repo
after 2 release cycles.
[1] https://trustedfirmware-a.readthedocs.io/en/latest/plat/deprecated.html?highlight=deprecated
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ic427a3071316a13f34a726a1eb086b679e1671a1
The "sp_mk_generator.py" is responsible for processing the SP layout
file, which contains information about the SPs to be deployed on top of
the SPM, to generate the "sp_gen.mk" file which appends information
specific to each SP that shall help with packing all SPs into a fip
binary.
Before this patch the "sp_mk_generator.py" was a monolithic script,
which has now been broken down into functions for each identified
configuration action.
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I8ee7487f2e07d53e508d17d0fe4510e22957f5ca
Developed a Python framework to help with SP configuration. The framework
allows for functions (dubbed "actions" in the framework) to be defined
that should process the "sp_layout.json" file.
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I278cd5a7aa0574168473e28f3b0fe231d7b548ee
The Allwinner SID device holds a 16-bit SoC identifier, which we already
use in our code.
Export this number through the generic SMCCC SOCID interface, to allow
an architectural identification of an Allwinner SoC. This enables access
to this information from non-secure world, simplifies generic drivers
(ACPI comes to mind), and gives easy and precise access to the SoC ID
from userland in OSes like Linux.
Change-Id: I91753046b2ae5408ca7bc0b864fcd97d24c8267c
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
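The commit above exports a platform's 16-bit SoC identifier through the SMCCC_ARCH_SOC_ID architectural call. The following is an added example, not TF-A or Allwinner code, showing how that call is shaped on both sides: the EL3 handler that packs the identifier into the SMCCC SoC version word (bit 31 clear, JEP-106 bank index in [30:24], JEP-106 ID code in [23:16], implementation-defined 16-bit SoC ID in [15:0]), returns the revision for SoC_ID_type 1, and rejects any other SoC_ID_type with INVALID_PARAMETER; and the decode a non-secure caller performs on the result. The JEP-106 bank/code, the SoC ID value and the revision are constructed placeholders, and `example_read_soc_id()` is a stand-in for the platform's SID read, not a real driver routine.

```c
#include <stdint.h>
#include <stdio.h>

/* SMCCC architectural function ID and SoC_ID_type values (Arm SMCCC). */
#define SMCCC_ARCH_SOC_ID           0x80000002U
#define SOC_ID_TYPE_VERSION         0U
#define SOC_ID_TYPE_REVISION        1U

/* SMCCC architectural-range status codes returned in w0. */
#define SMC_ARCH_CALL_SUCCESS       0
#define SMC_ARCH_CALL_NOT_SUPPORTED (-1)
#define SMC_ARCH_CALL_INVAL_PARAM   (-3)

/* Constructed placeholders standing in for a platform's real values. */
#define EXAMPLE_JEP106_BANK         0x05U   /* assumed, not a real vendor bank */
#define EXAMPLE_JEP106_CODE         0x6AU   /* assumed, not a real vendor code */
#define EXAMPLE_SOC_REVISION        0x00000001U

/* Stand-in for reading the 16-bit SoC identifier from the SID device. */
static uint16_t example_read_soc_id(void)
{
	return 0x1234U; /* constructed sample value */
}

/* Pack the SoC version word: [31]=0, [30:24] bank, [23:16] code, [15:0] id. */
uint32_t soc_version_word(uint8_t jep106_bank, uint8_t jep106_code, uint16_t soc_id)
{
	return ((uint32_t)(jep106_bank & 0x7FU) << 24) |
	       ((uint32_t)jep106_code << 16) |
	       (uint32_t)soc_id;
}

/*
 * Caller-side unpack of a SoC version word. Returns 0 on success, -1 if
 * bit 31 is set, which means the word is an SMCCC error code, not an ID.
 */
int soc_version_decode(uint32_t word, uint8_t *bank, uint8_t *code, uint16_t *soc_id)
{
	if (word & 0x80000000U)
		return -1;
	*bank = (uint8_t)((word >> 24) & 0x7FU);
	*code = (uint8_t)((word >> 16) & 0xFFU);
	*soc_id = (uint16_t)(word & 0xFFFFU);
	return 0;
}

/*
 * EL3-side dispatch: the value a handler places in w0 for the given
 * function ID (w0 on entry) and SoC_ID_type (w1). Negative = SMCCC error.
 */
int32_t smccc_arch_soc_id_handler(uint32_t fid, uint32_t soc_id_type)
{
	if (fid != SMCCC_ARCH_SOC_ID)
		return SMC_ARCH_CALL_NOT_SUPPORTED;

	switch (soc_id_type) {
	case SOC_ID_TYPE_VERSION:
		return (int32_t)soc_version_word(EXAMPLE_JEP106_BANK,
						 EXAMPLE_JEP106_CODE,
						 example_read_soc_id());
	case SOC_ID_TYPE_REVISION:
		return (int32_t)EXAMPLE_SOC_REVISION;
	default:
		/* Any SoC_ID_type other than 0 or 1 is rejected. */
		return SMC_ARCH_CALL_INVAL_PARAM;
	}
}

int main(void)
{
	int32_t ver = smccc_arch_soc_id_handler(SMCCC_ARCH_SOC_ID, SOC_ID_TYPE_VERSION);
	uint8_t bank, code;
	uint16_t id;

	if (ver < 0 || soc_version_decode((uint32_t)ver, &bank, &code, &id) != 0) {
		printf("SoC ID query failed: %d\n", ver);
		return 1;
	}
	printf("SoC version 0x%08x: JEP-106 bank %u code 0x%02x, SoC ID 0x%04x\n",
	       (unsigned)ver, bank, code, id);
	printf("SoC_ID_type 2 -> %d (INVALID_PARAMETER is %d)\n",
	       smccc_arch_soc_id_handler(SMCCC_ARCH_SOC_ID, 2U), SMC_ARCH_CALL_INVAL_PARAM);
	return 0;
}
```

Because bit 31 of the version word is reserved as zero, a caller can distinguish a valid identifier from a negative SMCCC status in the same register without a separate success flag; the decode helper makes that check explicit rather than relying on the sign of the value.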
* changes:
feat(allwinner): provide CPU idle states to the rich OS
feat(allwinner): simplify CPU_SUSPEND power state encoding
feat(allwinner): choose PSCI states to avoid translation
feat(fdt): add the ability to supply idle state information
fix(allwinner): improve DTB patching error handling
refactor(allwinner): patch the DTB after setting up PSCI
refactor(allwinner): move DTB change code into allwinner/common
Propose myself as a code owner of the measured boot module.
Also do a couple of updates along the way:
- Add the measured boot bindings document to the list of measured
boot files.
- Fix the list of FVP files. plat/arm/board/fvp/fvp_measured_boot.c
does not exist anymore. It has been replaced by
plat/arm/board/fvp/fvp_measured_{bl1,bl2,common}_boot.c files.
Change-Id: Ifb34f4f7c704b1db966b44428bbffd48c5e3c42b
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
In all TF-A commit messages, the first line must comply to the
following format:
type(scope): description
Although the conventional commits specification says that the scope
above is optional, we have made it mandatory in TF-A and the following
error message is printed if no scope is provided:
scope may not be empty [scope-empty]
However, this can be too restrictive for some types of commits. For
example, it is typically hard to choose a scope for documentation
patches which modify several documents of different natures.
Lift this restriction in the tools and leave it up to the developer to
decide whether a scope is needed or not.
Change-Id: I9d35e7790fc3fa74651794216fe8db265ad09982
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
This patch adds SPP/EMU platform support for Xilinx Versal and
also updates the documentation.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: Ibdadec4d00cd33ea32332299e7a00de31dc9d60b
This patch is to add size checking to make sure that
each certificate and encryption/decryption request
is 4-byte aligned, as this driver expects. An unaligned
size may indicate an invalid/corrupted request and hence will
be rejected.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ib6f97849ec470e45679c5adc4fbfa3afd10eda90
It is not always the case that RESET_TO_BL31 enabled platforms don't
execute a bootloader before BL31.
For those use cases, being able to receive arguments from that first
loader (i.e. a DTB with TPM logs) might be a necessary feature.
This code has been validated on iMX8mm.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Change-Id: Ibf00c3867cb1d1012b8b376e64ccaeca1c9d2bff
Makefile updated to use LLVM utilities instead of GNU utilities when
compiling with clang. `CROSS_COMPILE` is not required since this
dependency has been removed.
Change-Id: I19706b84b9310e07935516681b86596c04ef8ad6
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Changing the log message from notice to verbose, to save some space,
and that leads to successful compilation.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: Iee5a808febf211464eb8ba6f0377f79378333f5d
Cortex-A15 does not support FEAT_CSV2 so the existing workaround for
Spectre V2 is sufficient to mitigate against Spectre BHB attacks,
however the code needed to be updated to work with the new build flag.
Also, some code was refactored several years ago and not updated in
the Cortex-A15 library file so this patch fixes that as well.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I768c88a38c561c91019b038ac6c22b291955f18e
Previously the SCR_EL3.AMVOFFEN bit was set for all contexts, this
behavior is incorrect as it allows secure world to access the virtual
offset registers when it should not be able to. This patch only sets
AMVOFFEN for non-secure world.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I2c61fe0a8a0092df089f1cb2c0d8a45c8c8ad0d3
* changes:
feat(intel): add SMC support for HWMON voltage and temp sensor
feat(intel): add SMC support for Get USERCODE
fix(intel): extend SDM command to return the SDM firmware version
feat(intel): add SMC for enquiring firmware version
fix(intel): configuration status based on start request
fix(intel): bit-wise configuration flag handling
fix(intel): get config status OK status
fix(intel): use macro as return value
fix(intel): fix fpga config write return mechanism
feat(intel): add SiP service for DCMF status
feat(intel): add RSU 'Max Retry' SiP SMC services
feat(intel): enable SMC SoC FPGA bridges enable/disable
feat(intel): add SMC/PSCI services for DCMF version support
feat(intel): allow to access all register addresses if DEBUG=1
fix(intel): modify how configuration type is handled
feat(intel): support SiP SVC version
feat(intel): enable firewall for OCRAM in BL31
feat(intel): create source file for firewall configuration
fix(intel): refactor NOC header
This change performs a basic configuration of the SMMU root registers
interface on an RME enabled system. This permits enabling GPC checks
for transactions originated from a non-secure or secure device upstream
to an SMMU. It re-uses the boot time GPT base address and configuration
programmed on the PE.
The root register file offset is platform dependent and has to be
supplied on a model command line.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I4f889be6b7afc2afb4d1d147c5c1c3ea68f32e07
Add support to read temperature and voltage using SMC command
Signed-off-by: Kris Chaplin <kris.chaplin@linux.intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: I806611610043906b720b5096728a5deb5d652b1d
This patch adds SMC support for enquiring FPGA's User Code.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I82c1fa9390b6f7509b2284d51e199fb8b6a9b1ad