Merge "fix(stm32mp1): add bl prefix for internal linker script" into integration
diff --git a/bl1/bl1_main.c b/bl1/bl1_main.c
index fd60232..663ec64 100644
--- a/bl1/bl1_main.c
+++ b/bl1/bl1_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -126,6 +126,9 @@
auth_mod_init();
#endif /* TRUSTED_BOARD_BOOT */
+ /* Initialize the measured boot */
+ bl1_plat_mboot_init();
+
/* Perform platform setup in BL1. */
bl1_platform_setup();
@@ -147,6 +150,9 @@
else
NOTICE("BL1-FWU: *******FWU Process Started*******\n");
+ /* Teardown the measured boot driver */
+ bl1_plat_mboot_finish();
+
bl1_prepare_next_image(image_id);
console_flush();
diff --git a/bl2/bl2_main.c b/bl2/bl2_main.c
index 197c057..90fe39b 100644
--- a/bl2/bl2_main.c
+++ b/bl2/bl2_main.c
@@ -15,9 +15,6 @@
#include <drivers/auth/auth_mod.h>
#include <drivers/console.h>
#include <drivers/fwu/fwu.h>
-#if MEASURED_BOOT
-#include <drivers/measured_boot/measured_boot.h>
-#endif
#include <lib/extensions/pauth.h>
#include <plat/common/platform.h>
@@ -95,24 +92,19 @@
#if TRUSTED_BOARD_BOOT
/* Initialize authentication module */
auth_mod_init();
-
-#if MEASURED_BOOT
- /* Initialize measured boot module */
- measured_boot_init();
-
-#endif /* MEASURED_BOOT */
#endif /* TRUSTED_BOARD_BOOT */
+ /* Initialize the Measured Boot backend */
+ bl2_plat_mboot_init();
+
/* Initialize boot source */
bl2_plat_preload_setup();
/* Load the subsequent bootloader images. */
next_bl_ep_info = bl2_load_images();
-#if MEASURED_BOOT
- /* Finalize measured boot */
- measured_boot_finish();
-#endif /* MEASURED_BOOT */
+ /* Teardown the Measured Boot backend */
+ bl2_plat_mboot_finish();
#if !BL2_AT_EL3 && !ENABLE_RME
#ifndef __aarch64__
diff --git a/common/bl_common.c b/common/bl_common.c
index a7e2816..eb2352a 100644
--- a/common/bl_common.c
+++ b/common/bl_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2021, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -202,12 +202,26 @@
return -EAUTH;
}
- /*
- * Flush the image to main memory so that it can be executed later by
- * any CPU, regardless of cache and MMU state. This is only needed for
- * child images, not for the parents (certificates).
- */
if (is_parent_image == 0) {
+ /*
+ * Measure the image.
+ * We do not measure its parents because these only play a role
+ * in authentication, which is orthogonal to measured boot.
+ *
+ * TODO: Change this code if we change our minds about measuring
+ * certificates.
+ */
+ rc = plat_mboot_measure_image(image_id, image_data);
+ if (rc != 0) {
+ return rc;
+ }
+
+ /*
+ * Flush the image to main memory so that it can be executed
+ * later by any CPU, regardless of cache and MMU state. This
+ * is only needed for child images, not for the parents
+ * (certificates).
+ */
flush_dcache_range(image_data->image_base,
image_data->image_size);
}
diff --git a/docs/components/measured_boot/event_log.rst b/docs/components/measured_boot/event_log.rst
index 5347dcc..0881248 100644
--- a/docs/components/measured_boot/event_log.rst
+++ b/docs/components/measured_boot/event_log.rst
@@ -9,7 +9,7 @@
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Measured Boot driver expects a *tpm_event_log* node with the following field
-in 'nt_fw_config' and 'tsp_fw_config' DTS files:
+in 'tb_fw_config', 'nt_fw_config' and 'tsp_fw_config' DTS files:
- compatible [mandatory]
- value type: <string>
diff --git a/docs/getting_started/porting-guide.rst b/docs/getting_started/porting-guide.rst
index 54754fe..6569a47 100644
--- a/docs/getting_started/porting-guide.rst
+++ b/docs/getting_started/porting-guide.rst
@@ -1199,6 +1199,25 @@
the SMCCC function specified in the argument; otherwise returns
SMC_ARCH_CALL_NOT_SUPPORTED.
+Function : plat_mboot_measure_image()
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : unsigned int, image_info_t *
+ Return : void
+
+When the MEASURED_BOOT flag is enabled:
+
+- This function measures the given image and records its measurement using
+ the measured boot backend driver.
+- On the Arm FVP port, this function measures the given image using its
+ passed id and information and then records that measurement in the
+ Event Log buffer.
+- This function must return 0 on success, a negative error code otherwise.
+
+When the MEASURED_BOOT flag is disabled, this function doesn't do anything.
+
Modifications specific to a Boot Loader stage
---------------------------------------------
@@ -1450,6 +1469,42 @@
The default implementation of this function asserts therefore platforms must
override it when using the FWU feature.
+Function : bl1_plat_mboot_init() [optional]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : void
+ Return : void
+
+When the MEASURED_BOOT flag is enabled:
+
+- This function is used to initialize the backend driver(s) of measured boot.
+- On the Arm FVP port, this function is used to initialize the Event Log
+ backend driver, and also to write header information in the Event Log buffer.
+
+When the MEASURED_BOOT flag is disabled, this function doesn't do anything.
+
+Function : bl1_plat_mboot_finish() [optional]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : void
+ Return : void
+
+When the MEASURED_BOOT flag is enabled:
+
+- This function is used to finalize the measured boot backend driver(s),
+ and also, set the information for the next bootloader component to
+ extend the measurement if needed.
+- On the Arm FVP port, this function is used to pass the base address of
+ the Event Log buffer and its size to BL2 via tb_fw_config to extend the
+ Event Log buffer with the measurement of various images loaded by BL2.
+ It results in panic on error.
+
+When the MEASURED_BOOT flag is disabled, this function doesn't do anything.
+
Boot Loader Stage 2 (BL2)
-------------------------
@@ -1738,6 +1793,42 @@
This function returns 0 on success, a negative error code otherwise.
This function is included if SCP_BL2U_BASE is defined.
+Function : bl2_plat_mboot_init() [optional]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : void
+ Return : void
+
+When the MEASURED_BOOT flag is enabled:
+
+- This function is used to initialize the backend driver(s) of measured boot.
+- On the Arm FVP port, this function is used to initialize the Event Log
+ backend driver with the Event Log buffer information (base address and
+ size) received from BL1. It results in panic on error.
+
+When the MEASURED_BOOT flag is disabled, this function doesn't do anything.
+
+Function : bl2_plat_mboot_finish() [optional]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : void
+ Return : void
+
+When the MEASURED_BOOT flag is enabled:
+
+- This function is used to finalize the measured boot backend driver(s),
+ and also, set the information for the next bootloader component to extend
+ the measurement if needed.
+- On the Arm FVP port, this function is used to pass the Event Log buffer
+ information (base address and size) to non-secure(BL33) and trusted OS(BL32)
+ via nt_fw and tos_fw config respectively. It results in panic on error.
+
+When the MEASURED_BOOT flag is disabled, this function doesn't do anything.
+
Boot Loader Stage 3-1 (BL31)
----------------------------
diff --git a/docs/plat/marvell/armada/build.rst b/docs/plat/marvell/armada/build.rst
index b125144..6872f56 100644
--- a/docs/plat/marvell/armada/build.rst
+++ b/docs/plat/marvell/armada/build.rst
@@ -58,6 +58,7 @@
- a3700 - A3720 DB, EspressoBin and Turris MOX
- a70x0
- a70x0_amc - AMC board
+ - a70x0_mochabin - Globalscale MOCHAbin
- a80x0
- a80x0_mcbin - MacchiatoBin
- a80x0_puzzle - IEI Puzzle-M801
@@ -150,6 +151,16 @@
Specify path to the MSS fimware image binary which will run on Cortex-M3 coprocessor.
It is available in Marvell binaries-marvell git repository. Required when ``MSS_SUPPORT=1``.
+Globalscale MOCHAbin specific build options:
+
+- DDR_TOPOLOGY
+
+ The DDR topology map index/name, default is 0.
+
+ Supported Options:
+ - 0 - DDR4 1CS 2GB
+ - 1 - DDR4 1CS 4GB
+ - 2 - DDR4 2CS 8GB
Armada37x0 specific build options:
diff --git a/drivers/measured_boot/event_log.c b/drivers/measured_boot/event_log.c
deleted file mode 100644
index 0157b03..0000000
--- a/drivers/measured_boot/event_log.c
+++ /dev/null
@@ -1,359 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <assert.h>
-#include <errno.h>
-#include <string.h>
-#include <arch_helpers.h>
-
-#include <common/bl_common.h>
-#include <common/debug.h>
-#include <drivers/auth/crypto_mod.h>
-#include <drivers/measured_boot/event_log.h>
-#include <mbedtls/md.h>
-
-#include <plat/common/platform.h>
-
-/* Event Log data */
-static uint8_t event_log[EVENT_LOG_SIZE];
-
-/* End of Event Log */
-#define EVENT_LOG_END ((uintptr_t)event_log + sizeof(event_log) - 1U)
-
-CASSERT(sizeof(event_log) >= LOG_MIN_SIZE, assert_event_log_size);
-
-/* Pointer in event_log[] */
-static uint8_t *log_ptr = event_log;
-
-/* Pointer to measured_boot_data_t */
-const static measured_boot_data_t *plat_data_ptr;
-
-static uintptr_t tos_fw_config_base;
-static uintptr_t nt_fw_config_base;
-
-/* TCG_EfiSpecIdEvent */
-static const id_event_headers_t id_event_header = {
- .header = {
- .pcr_index = PCR_0,
- .event_type = EV_NO_ACTION,
- .digest = {0},
- .event_size = (uint32_t)(sizeof(id_event_struct_t) +
- (sizeof(id_event_algorithm_size_t) *
- HASH_ALG_COUNT))
- },
-
- .struct_header = {
- .signature = TCG_ID_EVENT_SIGNATURE_03,
- .platform_class = PLATFORM_CLASS_CLIENT,
- .spec_version_minor = TCG_SPEC_VERSION_MINOR_TPM2,
- .spec_version_major = TCG_SPEC_VERSION_MAJOR_TPM2,
- .spec_errata = TCG_SPEC_ERRATA_TPM2,
- .uintn_size = (uint8_t)(sizeof(unsigned int) /
- sizeof(uint32_t)),
- .number_of_algorithms = HASH_ALG_COUNT
- }
-};
-
-static const event2_header_t locality_event_header = {
- /*
- * All EV_NO_ACTION events SHALL set
- * TCG_PCR_EVENT2.pcrIndex = 0, unless otherwise specified
- */
- .pcr_index = PCR_0,
-
- /*
- * All EV_NO_ACTION events SHALL set
- * TCG_PCR_EVENT2.eventType = 03h
- */
- .event_type = EV_NO_ACTION,
-
- /*
- * All EV_NO_ACTION events SHALL set TCG_PCR_EVENT2.digests to all
- * 0x00's for each allocated Hash algorithm
- */
- .digests = {
- .count = HASH_ALG_COUNT
- }
-};
-
-/*
- * Add TCG_PCR_EVENT2 event
- *
- * @param[in] hash Pointer to hash data of TCG_DIGEST_SIZE bytes
- * @param[in] image_ptr Pointer to image_data_t structure
- *
- * There must be room for storing this new event into the event log buffer.
- */
-static void add_event2(const uint8_t *hash, const image_data_t *image_ptr)
-{
- void *ptr = log_ptr;
- uint32_t name_len;
-
- assert(image_ptr != NULL);
- assert(image_ptr->name != NULL);
-
- name_len = (uint32_t)strlen(image_ptr->name) + 1U;
-
- /* Check for space in Event Log buffer */
- assert(((uintptr_t)ptr + (uint32_t)EVENT2_HDR_SIZE + name_len) <=
- EVENT_LOG_END);
-
- /*
- * As per TCG specifications, firmware components that are measured
- * into PCR[0] must be logged in the event log using the event type
- * EV_POST_CODE.
- */
- /* TCG_PCR_EVENT2.PCRIndex */
- ((event2_header_t *)ptr)->pcr_index = image_ptr->pcr;
-
- /* TCG_PCR_EVENT2.EventType */
- ((event2_header_t *)ptr)->event_type = EV_POST_CODE;
-
- /* TCG_PCR_EVENT2.Digests.Count */
- ptr = (uint8_t *)ptr + offsetof(event2_header_t, digests);
- ((tpml_digest_values *)ptr)->count = HASH_ALG_COUNT;
-
- /* TCG_PCR_EVENT2.Digests[] */
- ptr = (uint8_t *)((uintptr_t)ptr +
- offsetof(tpml_digest_values, digests));
-
- /* TCG_PCR_EVENT2.Digests[].AlgorithmId */
- ((tpmt_ha *)ptr)->algorithm_id = TPM_ALG_ID;
-
- /* TCG_PCR_EVENT2.Digests[].Digest[] */
- ptr = (uint8_t *)((uintptr_t)ptr + offsetof(tpmt_ha, digest));
-
- if (hash == NULL) {
- /* Get BL2 hash from DTB */
- bl2_plat_get_hash(ptr);
- } else {
- /* Copy digest */
- (void)memcpy(ptr, (const void *)hash, TCG_DIGEST_SIZE);
- }
-
- /* TCG_PCR_EVENT2.EventSize */
- ptr = (uint8_t *)((uintptr_t)ptr + TCG_DIGEST_SIZE);
- ((event2_data_t *)ptr)->event_size = name_len;
-
- /* Copy event data to TCG_PCR_EVENT2.Event */
- (void)memcpy((void *)(((event2_data_t *)ptr)->event),
- (const void *)image_ptr->name, name_len);
-
- /* End of event data */
- log_ptr = (uint8_t *)((uintptr_t)ptr +
- offsetof(event2_data_t, event) + name_len);
-}
-
-/*
- * Init Event Log
- *
- * Initialises Event Log by writing Specification ID and
- * Startup Locality events.
- */
-void event_log_init(void)
-{
- const char locality_signature[] = TCG_STARTUP_LOCALITY_SIGNATURE;
- void *ptr = event_log;
-
- /* Get pointer to platform's measured_boot_data_t structure */
- plat_data_ptr = plat_get_measured_boot_data();
-
- /*
- * Add Specification ID Event first
- *
- * Copy TCG_EfiSpecIDEventStruct structure header
- */
- (void)memcpy(ptr, (const void *)&id_event_header,
- sizeof(id_event_header));
- ptr = (uint8_t *)((uintptr_t)ptr + sizeof(id_event_header));
-
- /* TCG_EfiSpecIdEventAlgorithmSize structure */
- ((id_event_algorithm_size_t *)ptr)->algorithm_id = TPM_ALG_ID;
- ((id_event_algorithm_size_t *)ptr)->digest_size = TCG_DIGEST_SIZE;
- ptr = (uint8_t *)((uintptr_t)ptr + sizeof(id_event_algorithm_size_t));
-
- /*
- * TCG_EfiSpecIDEventStruct.vendorInfoSize
- * No vendor data
- */
- ((id_event_struct_data_t *)ptr)->vendor_info_size = 0;
- ptr = (uint8_t *)((uintptr_t)ptr +
- offsetof(id_event_struct_data_t, vendor_info));
-
- /*
- * The Startup Locality event should be placed in the log before
- * any event which extends PCR[0].
- *
- * Ref. TCG PC Client Platform Firmware Profile 9.4.5.3
- */
-
- /* Copy Startup Locality Event Header */
- (void)memcpy(ptr, (const void *)&locality_event_header,
- sizeof(locality_event_header));
- ptr = (uint8_t *)((uintptr_t)ptr + sizeof(locality_event_header));
-
- /* TCG_PCR_EVENT2.Digests[].AlgorithmId */
- ((tpmt_ha *)ptr)->algorithm_id = TPM_ALG_ID;
-
- /* TCG_PCR_EVENT2.Digests[].Digest[] */
- (void)memset(&((tpmt_ha *)ptr)->digest, 0, TPM_ALG_ID);
- ptr = (uint8_t *)((uintptr_t)ptr +
- offsetof(tpmt_ha, digest) + TCG_DIGEST_SIZE);
-
- /* TCG_PCR_EVENT2.EventSize */
- ((event2_data_t *)ptr)->event_size =
- (uint32_t)sizeof(startup_locality_event_t);
- ptr = (uint8_t *)((uintptr_t)ptr + offsetof(event2_data_t, event));
-
- /* TCG_EfiStartupLocalityEvent.Signature */
- (void)memcpy(ptr, (const void *)locality_signature,
- sizeof(TCG_STARTUP_LOCALITY_SIGNATURE));
-
- /*
- * TCG_EfiStartupLocalityEvent.StartupLocality = 0:
- * the platform's boot firmware
- */
- ((startup_locality_event_t *)ptr)->startup_locality = 0U;
- ptr = (uint8_t *)((uintptr_t)ptr + sizeof(startup_locality_event_t));
-
- log_ptr = (uint8_t *)ptr;
-
- /* Add BL2 event */
- add_event2(NULL, plat_data_ptr->images_data);
-}
-
-/*
- * Calculate and write hash of image, configuration data, etc.
- * to Event Log.
- *
- * @param[in] data_base Address of data
- * @param[in] data_size Size of data
- * @param[in] data_id Data ID
- * @return:
- * 0 = success
- * < 0 = error
- */
-int tpm_record_measurement(uintptr_t data_base, uint32_t data_size,
- uint32_t data_id)
-{
- const image_data_t *data_ptr = plat_data_ptr->images_data;
- unsigned char hash_data[MBEDTLS_MD_MAX_SIZE];
- int rc;
-
- /* Get the metadata associated with this image. */
- while ((data_ptr->id != INVALID_ID) && (data_ptr->id != data_id)) {
- data_ptr++;
- }
- assert(data_ptr->id != INVALID_ID);
-
- if (data_id == TOS_FW_CONFIG_ID) {
- tos_fw_config_base = data_base;
- } else if (data_id == NT_FW_CONFIG_ID) {
- nt_fw_config_base = data_base;
- } else {
- /* No action */
- }
-
- /* Calculate hash */
- rc = crypto_mod_calc_hash((unsigned int)MBEDTLS_MD_ID,
- (void *)data_base, data_size, hash_data);
- if (rc != 0) {
- return rc;
- }
-
- add_event2(hash_data, data_ptr);
- return 0;
-}
-
-/*
- * Finalise Event Log
- *
- * @param[out] log_addr Pointer to return Event Log address
- * @param[out] log_size Pointer to return Event Log size
- * @return:
- * 0 = success
- * < 0 = error code
- */
-int event_log_finalise(uint8_t **log_addr, size_t *log_size)
-{
- /* Event Log size */
- size_t num_bytes = (uintptr_t)log_ptr - (uintptr_t)event_log;
- int rc;
-
- assert(log_addr != NULL);
- assert(log_size != NULL);
-
- if (nt_fw_config_base == 0UL) {
- ERROR("%s(): %s_FW_CONFIG not loaded\n", __func__, "NT");
- return -ENOENT;
- }
-
- /*
- * Set Event Log data in NT_FW_CONFIG and
- * get Event Log address in Non-Secure memory
- */
- if (plat_data_ptr->set_nt_fw_info != NULL) {
-
- /* Event Log address in Non-Secure memory */
- uintptr_t ns_log_addr;
-
- rc = plat_data_ptr->set_nt_fw_info(
- nt_fw_config_base,
-#ifdef SPD_opteed
- (uintptr_t)event_log,
-#endif
- num_bytes, &ns_log_addr);
- if (rc != 0) {
- ERROR("%s(): Unable to update %s_FW_CONFIG\n",
- __func__, "NT");
- return rc;
- }
-
- /* Copy Event Log to Non-secure memory */
- (void)memcpy((void *)ns_log_addr, (const void *)event_log,
- num_bytes);
-
- /* Ensure that the Event Log is visible in Non-secure memory */
- flush_dcache_range(ns_log_addr, num_bytes);
-
- /* Return Event Log address in Non-Secure memory */
- *log_addr = (uint8_t *)ns_log_addr;
-
- } else {
- INFO("%s(): set_%s_fw_info not set\n", __func__, "nt");
-
- /* Return Event Log address in Secure memory */
- *log_addr = event_log;
- }
-
- if (tos_fw_config_base != 0UL) {
- if (plat_data_ptr->set_tos_fw_info != NULL) {
-
- /* Set Event Log data in TOS_FW_CONFIG */
- rc = plat_data_ptr->set_tos_fw_info(
- tos_fw_config_base,
- (uintptr_t)event_log,
- num_bytes);
- if (rc != 0) {
- ERROR("%s(): Unable to update %s_FW_CONFIG\n",
- __func__, "TOS");
- return rc;
- }
- } else {
- INFO("%s(): set_%s_fw_info not set\n", __func__, "tos");
- }
- } else {
- INFO("%s(): %s_FW_CONFIG not loaded\n", __func__, "TOS");
- }
-
- /* Ensure that the Event Log is visible in Secure memory */
- flush_dcache_range((uintptr_t)event_log, num_bytes);
-
- /* Return Event Log size */
- *log_size = num_bytes;
-
- return 0;
-}
diff --git a/drivers/measured_boot/event_log/event_log.c b/drivers/measured_boot/event_log/event_log.c
new file mode 100644
index 0000000..1755dd9
--- /dev/null
+++ b/drivers/measured_boot/event_log/event_log.c
@@ -0,0 +1,284 @@
+/*
+ * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+#include <errno.h>
+#include <string.h>
+#include <arch_helpers.h>
+
+#include <common/bl_common.h>
+#include <common/debug.h>
+#include <drivers/auth/crypto_mod.h>
+#include <drivers/measured_boot/event_log/event_log.h>
+#include <mbedtls/md.h>
+
+#include <plat/common/platform.h>
+
+/* Running Event Log Pointer */
+static uint8_t *log_ptr;
+
+/* Pointer to the first byte past end of the Event Log buffer */
+static uintptr_t log_end;
+
+/* Pointer to event_log_metadata_t */
+static const event_log_metadata_t *plat_metadata_ptr;
+
+/* TCG_EfiSpecIdEvent */
+static const id_event_headers_t id_event_header = {
+ .header = {
+ .pcr_index = PCR_0,
+ .event_type = EV_NO_ACTION,
+ .digest = {0},
+ .event_size = (uint32_t)(sizeof(id_event_struct_t) +
+ (sizeof(id_event_algorithm_size_t) *
+ HASH_ALG_COUNT))
+ },
+
+ .struct_header = {
+ .signature = TCG_ID_EVENT_SIGNATURE_03,
+ .platform_class = PLATFORM_CLASS_CLIENT,
+ .spec_version_minor = TCG_SPEC_VERSION_MINOR_TPM2,
+ .spec_version_major = TCG_SPEC_VERSION_MAJOR_TPM2,
+ .spec_errata = TCG_SPEC_ERRATA_TPM2,
+ .uintn_size = (uint8_t)(sizeof(unsigned int) /
+ sizeof(uint32_t)),
+ .number_of_algorithms = HASH_ALG_COUNT
+ }
+};
+
+static const event2_header_t locality_event_header = {
+ /*
+ * All EV_NO_ACTION events SHALL set
+ * TCG_PCR_EVENT2.pcrIndex = 0, unless otherwise specified
+ */
+ .pcr_index = PCR_0,
+
+ /*
+ * All EV_NO_ACTION events SHALL set
+ * TCG_PCR_EVENT2.eventType = 03h
+ */
+ .event_type = EV_NO_ACTION,
+
+ /*
+ * All EV_NO_ACTION events SHALL set TCG_PCR_EVENT2.digests to all
+ * 0x00's for each allocated Hash algorithm
+ */
+ .digests = {
+ .count = HASH_ALG_COUNT
+ }
+};
+
+/*
+ * Record a measurement as a TCG_PCR_EVENT2 event
+ *
+ * @param[in] hash Pointer to hash data of TCG_DIGEST_SIZE bytes
+ * @param[in] metadata_ptr Pointer to event_log_metadata_t structure
+ *
+ * There must be room for storing this new event into the event log buffer.
+ */
+static void event_log_record(const uint8_t *hash,
+ const event_log_metadata_t *metadata_ptr)
+{
+ void *ptr = log_ptr;
+ uint32_t name_len;
+
+ assert(hash != NULL);
+ assert(metadata_ptr != NULL);
+ assert(metadata_ptr->name != NULL);
+ /* event_log_init() must have been called prior to this. */
+ assert(log_ptr != NULL);
+
+ name_len = (uint32_t)strlen(metadata_ptr->name) + 1U;
+
+ /* Check for space in Event Log buffer */
+ assert(((uintptr_t)ptr + (uint32_t)EVENT2_HDR_SIZE + name_len) <
+ log_end);
+
+ /*
+ * As per TCG specifications, firmware components that are measured
+ * into PCR[0] must be logged in the event log using the event type
+ * EV_POST_CODE.
+ */
+ /* TCG_PCR_EVENT2.PCRIndex */
+ ((event2_header_t *)ptr)->pcr_index = metadata_ptr->pcr;
+
+ /* TCG_PCR_EVENT2.EventType */
+ ((event2_header_t *)ptr)->event_type = EV_POST_CODE;
+
+ /* TCG_PCR_EVENT2.Digests.Count */
+ ptr = (uint8_t *)ptr + offsetof(event2_header_t, digests);
+ ((tpml_digest_values *)ptr)->count = HASH_ALG_COUNT;
+
+ /* TCG_PCR_EVENT2.Digests[] */
+ ptr = (uint8_t *)((uintptr_t)ptr +
+ offsetof(tpml_digest_values, digests));
+
+ /* TCG_PCR_EVENT2.Digests[].AlgorithmId */
+ ((tpmt_ha *)ptr)->algorithm_id = TPM_ALG_ID;
+
+ /* TCG_PCR_EVENT2.Digests[].Digest[] */
+ ptr = (uint8_t *)((uintptr_t)ptr + offsetof(tpmt_ha, digest));
+
+ /* Copy digest */
+ (void)memcpy(ptr, (const void *)hash, TCG_DIGEST_SIZE);
+
+ /* TCG_PCR_EVENT2.EventSize */
+ ptr = (uint8_t *)((uintptr_t)ptr + TCG_DIGEST_SIZE);
+ ((event2_data_t *)ptr)->event_size = name_len;
+
+ /* Copy event data to TCG_PCR_EVENT2.Event */
+ (void)memcpy((void *)(((event2_data_t *)ptr)->event),
+ (const void *)metadata_ptr->name, name_len);
+
+ /* End of event data */
+ log_ptr = (uint8_t *)((uintptr_t)ptr +
+ offsetof(event2_data_t, event) + name_len);
+}
+
+/*
+ * Initialise Event Log global variables, used during the recording
+ * of various payload measurements into the Event Log buffer
+ *
+ * @param[in] event_log_start Base address of Event Log buffer
+ * @param[in] event_log_finish End address of Event Log buffer,
+ * it is a first byte past end of the
+ * buffer
+ */
+void event_log_init(uint8_t *event_log_start, uint8_t *event_log_finish)
+{
+ assert(event_log_start != NULL);
+ assert(event_log_finish > event_log_start);
+
+ log_ptr = event_log_start;
+ log_end = (uintptr_t)event_log_finish;
+
+ /* Get pointer to platform's event_log_metadata_t structure */
+ plat_metadata_ptr = plat_event_log_get_metadata();
+ assert(plat_metadata_ptr != NULL);
+}
+
+/*
+ * Initialises Event Log by writing Specification ID and
+ * Startup Locality events
+ */
+void event_log_write_header(void)
+{
+ const char locality_signature[] = TCG_STARTUP_LOCALITY_SIGNATURE;
+ void *ptr = log_ptr;
+
+ /* event_log_init() must have been called prior to this. */
+ assert(log_ptr != NULL);
+
+ /*
+ * Add Specification ID Event first
+ *
+ * Copy TCG_EfiSpecIDEventStruct structure header
+ */
+ (void)memcpy(ptr, (const void *)&id_event_header,
+ sizeof(id_event_header));
+ ptr = (uint8_t *)((uintptr_t)ptr + sizeof(id_event_header));
+
+ /* TCG_EfiSpecIdEventAlgorithmSize structure */
+ ((id_event_algorithm_size_t *)ptr)->algorithm_id = TPM_ALG_ID;
+ ((id_event_algorithm_size_t *)ptr)->digest_size = TCG_DIGEST_SIZE;
+ ptr = (uint8_t *)((uintptr_t)ptr + sizeof(id_event_algorithm_size_t));
+
+ /*
+ * TCG_EfiSpecIDEventStruct.vendorInfoSize
+ * No vendor data
+ */
+ ((id_event_struct_data_t *)ptr)->vendor_info_size = 0;
+ ptr = (uint8_t *)((uintptr_t)ptr +
+ offsetof(id_event_struct_data_t, vendor_info));
+
+ /*
+ * The Startup Locality event should be placed in the log before
+ * any event which extends PCR[0].
+ *
+ * Ref. TCG PC Client Platform Firmware Profile 9.4.5.3
+ */
+
+ /* Copy Startup Locality Event Header */
+ (void)memcpy(ptr, (const void *)&locality_event_header,
+ sizeof(locality_event_header));
+ ptr = (uint8_t *)((uintptr_t)ptr + sizeof(locality_event_header));
+
+ /* TCG_PCR_EVENT2.Digests[].AlgorithmId */
+ ((tpmt_ha *)ptr)->algorithm_id = TPM_ALG_ID;
+
+ /* TCG_PCR_EVENT2.Digests[].Digest[] */
+ (void)memset(&((tpmt_ha *)ptr)->digest, 0, TPM_ALG_ID);
+ ptr = (uint8_t *)((uintptr_t)ptr +
+ offsetof(tpmt_ha, digest) + TCG_DIGEST_SIZE);
+
+ /* TCG_PCR_EVENT2.EventSize */
+ ((event2_data_t *)ptr)->event_size =
+ (uint32_t)sizeof(startup_locality_event_t);
+ ptr = (uint8_t *)((uintptr_t)ptr + offsetof(event2_data_t, event));
+
+ /* TCG_EfiStartupLocalityEvent.Signature */
+ (void)memcpy(ptr, (const void *)locality_signature,
+ sizeof(TCG_STARTUP_LOCALITY_SIGNATURE));
+
+ /*
+ * TCG_EfiStartupLocalityEvent.StartupLocality = 0:
+ * the platform's boot firmware
+ */
+ ((startup_locality_event_t *)ptr)->startup_locality = 0U;
+ log_ptr = (uint8_t *)((uintptr_t)ptr + sizeof(startup_locality_event_t));
+}
+
+/*
+ * Calculate and write hash of image, configuration data, etc.
+ * to Event Log.
+ *
+ * @param[in] data_base Address of data
+ * @param[in] data_size Size of data
+ * @param[in] data_id Data ID
+ * @return:
+ * 0 = success
+ * < 0 = error
+ */
+int event_log_measure_and_record(uintptr_t data_base, uint32_t data_size,
+ uint32_t data_id)
+{
+ unsigned char hash_data[MBEDTLS_MD_MAX_SIZE];
+ int rc;
+ const event_log_metadata_t *metadata_ptr = plat_metadata_ptr;
+
+ /* Get the metadata associated with this image. */
+ while ((metadata_ptr->id != INVALID_ID) &&
+ (metadata_ptr->id != data_id)) {
+ metadata_ptr++;
+ }
+ assert(metadata_ptr->id != INVALID_ID);
+
+ /* Calculate hash */
+ rc = crypto_mod_calc_hash((unsigned int)MBEDTLS_MD_ID,
+ (void *)data_base, data_size, hash_data);
+ if (rc != 0) {
+ return rc;
+ }
+
+ event_log_record(hash_data, metadata_ptr);
+
+ return 0;
+}
+
+/*
+ * Get current Event Log buffer size i.e. used space of Event Log buffer
+ *
+ * @param[in] event_log_start Base Pointer to Event Log buffer
+ *
+ * @return: current Size of Event Log buffer
+ */
+size_t event_log_get_cur_size(uint8_t *event_log_start)
+{
+ assert(event_log_start != NULL);
+ assert(log_ptr >= event_log_start);
+
+ return (size_t)((uintptr_t)log_ptr - (uintptr_t)event_log_start);
+}
diff --git a/drivers/measured_boot/measured_boot.mk b/drivers/measured_boot/event_log/event_log.mk
similarity index 63%
rename from drivers/measured_boot/measured_boot.mk
rename to drivers/measured_boot/event_log/event_log.mk
index 497fdba..37e5e29 100644
--- a/drivers/measured_boot/measured_boot.mk
+++ b/drivers/measured_boot/event_log/event_log.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2020, Arm Limited. All rights reserved.
+# Copyright (c) 2020-2021, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -7,7 +7,8 @@
# Default log level to dump the event log (LOG_LEVEL_INFO)
EVENT_LOG_LEVEL ?= 40
-# TPM hash algorithm
+# TPM hash algorithm.
+# SHA-256 (or stronger) is required for all devices that are TPM 2.0 compliant.
TPM_HASH_ALG := sha256
ifeq (${TPM_HASH_ALG}, sha512)
@@ -24,8 +25,6 @@
TCG_DIGEST_SIZE := 32U
endif
-# Event Log length in bytes
-EVENT_LOG_SIZE := 1024
# Set definitions for mbed TLS library and Measured Boot driver
$(eval $(call add_defines,\
@@ -33,20 +32,19 @@
MBEDTLS_MD_ID \
TPM_ALG_ID \
TCG_DIGEST_SIZE \
- EVENT_LOG_SIZE \
EVENT_LOG_LEVEL \
)))
ifeq (${HASH_ALG}, sha256)
-ifneq (${TPM_HASH_ALG}, sha256)
-$(eval $(call add_define,MBEDTLS_SHA512_C))
-endif
+ ifneq (${TPM_HASH_ALG}, sha256)
+ $(eval $(call add_define,MBEDTLS_SHA512_C))
+ endif
endif
-MEASURED_BOOT_SRC_DIR := drivers/measured_boot/
+MEASURED_BOOT_SRC_DIR := drivers/measured_boot/event_log/
-MEASURED_BOOT_SOURCES := ${MEASURED_BOOT_SRC_DIR}measured_boot.c \
- ${MEASURED_BOOT_SRC_DIR}event_log.c \
- ${MEASURED_BOOT_SRC_DIR}event_print.c
+MEASURED_BOOT_SOURCES := ${MEASURED_BOOT_SRC_DIR}event_log.c \
+ ${MEASURED_BOOT_SRC_DIR}event_print.c
BL2_SOURCES += ${MEASURED_BOOT_SOURCES}
+BL1_SOURCES += ${MEASURED_BOOT_SOURCES}
diff --git a/drivers/measured_boot/event_print.c b/drivers/measured_boot/event_log/event_print.c
similarity index 98%
rename from drivers/measured_boot/event_print.c
rename to drivers/measured_boot/event_log/event_print.c
index 84ed4b1..e2ba174 100644
--- a/drivers/measured_boot/event_print.c
+++ b/drivers/measured_boot/event_log/event_print.c
@@ -8,7 +8,7 @@
#include <string.h>
#include <common/debug.h>
-#include <drivers/measured_boot/event_log.h>
+#include <drivers/measured_boot/event_log/event_log.h>
#if LOG_LEVEL >= EVENT_LOG_LEVEL
diff --git a/drivers/measured_boot/measured_boot.c b/drivers/measured_boot/measured_boot.c
deleted file mode 100644
index 37fddfb..0000000
--- a/drivers/measured_boot/measured_boot.c
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <assert.h>
-
-#include <common/debug.h>
-#include <drivers/measured_boot/measured_boot.h>
-
-/*
- * Init Measured Boot driver
- *
- * Initialises Event Log.
- */
-void measured_boot_init(void)
-{
- event_log_init();
-}
-
-/*
- * Finish Measured Boot driver
- *
- * Finalises Event Log and dumps the records to the debug console.
- */
-void measured_boot_finish(void)
-{
- uint8_t *log_addr;
- size_t log_size;
- int rc;
-
- rc = event_log_finalise(&log_addr, &log_size);
- if (rc != 0) {
- panic();
- }
-
- dump_event_log(log_addr, log_size);
-}
diff --git a/include/arch/aarch64/arch.h b/include/arch/aarch64/arch.h
index 0ad9754..74bc8cb 100644
--- a/include/arch/aarch64/arch.h
+++ b/include/arch/aarch64/arch.h
@@ -585,6 +585,10 @@
#define CPTR_EL2_TZ_BIT (U(1) << 8)
#define CPTR_EL2_RESET_VAL CPTR_EL2_RES1
+/* VTCR_EL2 definitions */
+#define VTCR_RESET_VAL U(0x0)
+#define VTCR_EL2_MSA (U(1) << 31)
+
/* CPSR/SPSR definitions */
#define DAIF_FIQ_BIT (U(1) << 0)
#define DAIF_IRQ_BIT (U(1) << 1)
diff --git a/include/arch/aarch64/arch_helpers.h b/include/arch/aarch64/arch_helpers.h
index 1aadf0b..cae05dc 100644
--- a/include/arch/aarch64/arch_helpers.h
+++ b/include/arch/aarch64/arch_helpers.h
@@ -442,6 +442,8 @@
DEFINE_SYSREG_READ_FUNC(cntpct_el0)
DEFINE_SYSREG_RW_FUNCS(cnthctl_el2)
+DEFINE_SYSREG_RW_FUNCS(vtcr_el2)
+
#define get_cntp_ctl_enable(x) (((x) >> CNTP_CTL_ENABLE_SHIFT) & \
CNTP_CTL_ENABLE_MASK)
#define get_cntp_ctl_imask(x) (((x) >> CNTP_CTL_IMASK_SHIFT) & \
diff --git a/include/drivers/measured_boot/event_log.h b/include/drivers/measured_boot/event_log.h
deleted file mode 100644
index efde117..0000000
--- a/include/drivers/measured_boot/event_log.h
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef EVENT_LOG_H
-#define EVENT_LOG_H
-
-#include <stdint.h>
-
-#include <common/debug.h>
-#include <drivers/measured_boot/tcg.h>
-
-/*
- * Set Event Log debug level to one of:
- *
- * LOG_LEVEL_ERROR
- * LOG_LEVEL_INFO
- * LOG_LEVEL_WARNING
- * LOG_LEVEL_VERBOSE
- */
-#if EVENT_LOG_LEVEL == LOG_LEVEL_ERROR
-#define LOG_EVENT ERROR
-#elif EVENT_LOG_LEVEL == LOG_LEVEL_NOTICE
-#define LOG_EVENT NOTICE
-#elif EVENT_LOG_LEVEL == LOG_LEVEL_WARNING
-#define LOG_EVENT WARN
-#elif EVENT_LOG_LEVEL == LOG_LEVEL_INFO
-#define LOG_EVENT INFO
-#elif EVENT_LOG_LEVEL == LOG_LEVEL_VERBOSE
-#define LOG_EVENT VERBOSE
-#else
-#error "Not supported EVENT_LOG_LEVEL"
-#endif
-
-/* Number of hashing algorithms supported */
-#define HASH_ALG_COUNT 1U
-
-#define INVALID_ID MAX_NUMBER_IDS
-
-#define MEMBER_SIZE(type, member) sizeof(((type *)0)->member)
-
-#define BL2_STRING "BL_2"
-#define BL31_STRING "BL_31"
-#define BL32_STRING "BL_32"
-#define BL32_EXTRA1_IMAGE_STRING "BL32_EXTRA1_IMAGE"
-#define BL32_EXTRA2_IMAGE_STRING "BL32_EXTRA2_IMAGE"
-#define BL33_STRING "BL_33"
-#define GPT_IMAGE_STRING "GPT"
-#define HW_CONFIG_STRING "HW_CONFIG"
-#define NT_FW_CONFIG_STRING "NT_FW_CONFIG"
-#define SCP_BL2_IMAGE_STRING "SCP_BL2_IMAGE"
-#define SOC_FW_CONFIG_STRING "SOC_FW_CONFIG"
-#define STM32_IMAGE_STRING "STM32"
-#define TOS_FW_CONFIG_STRING "TOS_FW_CONFIG"
-
-typedef struct {
- unsigned int id;
- const char *name;
- unsigned int pcr;
-} image_data_t;
-
-typedef struct {
- const image_data_t *images_data;
- int (*set_nt_fw_info)(uintptr_t config_base,
-#ifdef SPD_opteed
- uintptr_t log_addr,
-#endif
- size_t log_size, uintptr_t *ns_log_addr);
- int (*set_tos_fw_info)(uintptr_t config_base, uintptr_t log_addr,
- size_t log_size);
-} measured_boot_data_t;
-
-#define ID_EVENT_SIZE (sizeof(id_event_headers_t) + \
- (sizeof(id_event_algorithm_size_t) * HASH_ALG_COUNT) + \
- sizeof(id_event_struct_data_t))
-
-#define LOC_EVENT_SIZE (sizeof(event2_header_t) + \
- sizeof(tpmt_ha) + TCG_DIGEST_SIZE + \
- sizeof(event2_data_t) + \
- sizeof(startup_locality_event_t))
-
-#define LOG_MIN_SIZE (ID_EVENT_SIZE + LOC_EVENT_SIZE)
-
-#define EVENT2_HDR_SIZE (sizeof(event2_header_t) + \
- sizeof(tpmt_ha) + TCG_DIGEST_SIZE + \
- sizeof(event2_data_t))
-
-/* Functions' declarations */
-void event_log_init(void);
-int event_log_finalise(uint8_t **log_addr, size_t *log_size);
-void dump_event_log(uint8_t *log_addr, size_t log_size);
-const measured_boot_data_t *plat_get_measured_boot_data(void);
-int tpm_record_measurement(uintptr_t data_base, uint32_t data_size,
- uint32_t data_id);
-#endif /* EVENT_LOG_H */
diff --git a/include/drivers/measured_boot/event_log/event_log.h b/include/drivers/measured_boot/event_log/event_log.h
new file mode 100644
index 0000000..c6eb29c
--- /dev/null
+++ b/include/drivers/measured_boot/event_log/event_log.h
@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef EVENT_LOG_H
+#define EVENT_LOG_H
+
+#include <stdint.h>
+
+#include <common/debug.h>
+#include <common/tbbr/tbbr_img_def.h>
+#include <drivers/measured_boot/event_log/tcg.h>
+
+/*
+ * Set Event Log debug level to one of:
+ *
+ * LOG_LEVEL_ERROR
+ * LOG_LEVEL_INFO
+ * LOG_LEVEL_WARNING
+ * LOG_LEVEL_VERBOSE
+ */
+#if EVENT_LOG_LEVEL == LOG_LEVEL_ERROR
+#define LOG_EVENT ERROR
+#elif EVENT_LOG_LEVEL == LOG_LEVEL_NOTICE
+#define LOG_EVENT NOTICE
+#elif EVENT_LOG_LEVEL == LOG_LEVEL_WARNING
+#define LOG_EVENT WARN
+#elif EVENT_LOG_LEVEL == LOG_LEVEL_INFO
+#define LOG_EVENT INFO
+#elif EVENT_LOG_LEVEL == LOG_LEVEL_VERBOSE
+#define LOG_EVENT VERBOSE
+#else
+#error "Not supported EVENT_LOG_LEVEL"
+#endif
+
+/* Number of hashing algorithms supported */
+#define HASH_ALG_COUNT 1U
+
+#define INVALID_ID MAX_NUMBER_IDS
+
+#define MEMBER_SIZE(type, member) sizeof(((type *)0)->member)
+
+/*
+ * Each event log entry has some metadata (i.e. a string) that identifies
+ * what is measured.These macros define these strings.
+ * Note that these strings follow the standardization recommendations
+ * defined in the Arm Server Base Security Guide (a.k.a. SBSG, Arm DEN 0086),
+ * where applicable. They should not be changed in the code.
+ * Where the SBSG does not make recommendations, we are free to choose any
+ * naming convention.
+ * The key thing is to choose meaningful strings so that when the TPM event
+ * log is used in attestation, the different components can be identified.
+ */
+#define EVLOG_BL2_STRING "BL_2"
+#define EVLOG_BL31_STRING "SECURE_RT_EL3"
+#if defined(SPD_opteed)
+#define EVLOG_BL32_STRING "SECURE_RT_EL1_OPTEE"
+#elif defined(SPD_tspd)
+#define EVLOG_BL32_STRING "SECURE_RT_EL1_TSPD"
+#elif defined(SPD_tlkd)
+#define EVLOG_BL32_STRING "SECURE_RT_EL1_TLKD"
+#elif defined(SPD_trusty)
+#define EVLOG_BL32_STRING "SECURE_RT_EL1_TRUSTY"
+#else
+#define EVLOG_BL32_STRING "SECURE_RT_EL1_UNKNOWN"
+#endif
+#define EVLOG_BL32_EXTRA1_STRING "SECURE_RT_EL1_OPTEE_EXTRA1"
+#define EVLOG_BL32_EXTRA2_STRING "SECURE_RT_EL1_OPTEE_EXTRA2"
+#define EVLOG_BL33_STRING "BL_33"
+#define EVLOG_FW_CONFIG_STRING "FW_CONFIG"
+#define EVLOG_HW_CONFIG_STRING "HW_CONFIG"
+#define EVLOG_NT_FW_CONFIG_STRING "NT_FW_CONFIG"
+#define EVLOG_SCP_BL2_STRING "SYS_CTRL_2"
+#define EVLOG_SOC_FW_CONFIG_STRING "SOC_FW_CONFIG"
+#define EVLOG_STM32_STRING "STM32"
+#define EVLOG_TB_FW_CONFIG_STRING "TB_FW_CONFIG"
+#define EVLOG_TOS_FW_CONFIG_STRING "TOS_FW_CONFIG"
+
+typedef struct {
+ unsigned int id;
+ const char *name;
+ unsigned int pcr;
+} event_log_metadata_t;
+
+#define ID_EVENT_SIZE (sizeof(id_event_headers_t) + \
+ (sizeof(id_event_algorithm_size_t) * HASH_ALG_COUNT) + \
+ sizeof(id_event_struct_data_t))
+
+#define LOC_EVENT_SIZE (sizeof(event2_header_t) + \
+ sizeof(tpmt_ha) + TCG_DIGEST_SIZE + \
+ sizeof(event2_data_t) + \
+ sizeof(startup_locality_event_t))
+
+#define LOG_MIN_SIZE (ID_EVENT_SIZE + LOC_EVENT_SIZE)
+
+#define EVENT2_HDR_SIZE (sizeof(event2_header_t) + \
+ sizeof(tpmt_ha) + TCG_DIGEST_SIZE + \
+ sizeof(event2_data_t))
+
+/* Functions' declarations */
+void event_log_init(uint8_t *event_log_start, uint8_t *event_log_finish);
+void event_log_write_header(void);
+void dump_event_log(uint8_t *log_addr, size_t log_size);
+const event_log_metadata_t *plat_event_log_get_metadata(void);
+int event_log_measure_and_record(uintptr_t data_base, uint32_t data_size,
+ uint32_t data_id);
+size_t event_log_get_cur_size(uint8_t *event_log_start);
+
+#endif /* EVENT_LOG_H */
diff --git a/include/drivers/measured_boot/tcg.h b/include/drivers/measured_boot/event_log/tcg.h
similarity index 100%
rename from include/drivers/measured_boot/tcg.h
rename to include/drivers/measured_boot/event_log/tcg.h
diff --git a/include/drivers/measured_boot/measured_boot.h b/include/drivers/measured_boot/measured_boot.h
deleted file mode 100644
index 05be4a9..0000000
--- a/include/drivers/measured_boot/measured_boot.h
+++ /dev/null
@@ -1,18 +0,0 @@
-/*
- * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef MEASURED_BOOT_H
-#define MEASURED_BOOT_H
-
-#include <stdint.h>
-
-#include <drivers/measured_boot/event_log.h>
-
-/* Functions' declarations */
-void measured_boot_init(void);
-void measured_boot_finish(void);
-
-#endif /* MEASURED_BOOT_H */
diff --git a/include/lib/fconf/fconf_tbbr_getter.h b/include/lib/fconf/fconf_tbbr_getter.h
index 6066af6..db98b68 100644
--- a/include/lib/fconf/fconf_tbbr_getter.h
+++ b/include/lib/fconf/fconf_tbbr_getter.h
@@ -23,9 +23,6 @@
uint32_t disable_auth;
void *mbedtls_heap_addr;
size_t mbedtls_heap_size;
-#if MEASURED_BOOT
- uint8_t bl2_hash_data[TCG_DIGEST_SIZE];
-#endif
};
extern struct tbbr_dyn_config_t tbbr_dyn_config;
diff --git a/include/plat/arm/common/arm_dyn_cfg_helpers.h b/include/plat/arm/common/arm_dyn_cfg_helpers.h
index 34bf07c..ff00fe7 100644
--- a/include/plat/arm/common/arm_dyn_cfg_helpers.h
+++ b/include/plat/arm/common/arm_dyn_cfg_helpers.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,8 +14,4 @@
int arm_set_dtb_mbedtls_heap_info(void *dtb, void *heap_addr,
size_t heap_size);
-#if MEASURED_BOOT
-int arm_set_bl2_hash_info(void *dtb, void *data);
-#endif
-
#endif /* ARM_DYN_CFG_HELPERS_H */
diff --git a/include/plat/arm/common/plat_arm.h b/include/plat/arm/common/plat_arm.h
index 1500ed3..9618700 100644
--- a/include/plat/arm/common/plat_arm.h
+++ b/include/plat/arm/common/plat_arm.h
@@ -250,12 +250,8 @@
int arm_get_mbedtls_heap(void **heap_addr, size_t *heap_size);
#if MEASURED_BOOT
-/* Measured boot related functions */
-void arm_bl1_set_bl2_hash(const image_desc_t *image_desc);
-void arm_bl2_get_hash(void *data);
-int arm_set_tos_fw_info(uintptr_t config_base, uintptr_t log_addr,
- size_t log_size);
-int arm_set_nt_fw_info(uintptr_t config_base,
+int arm_set_tos_fw_info(uintptr_t log_addr, size_t log_size);
+int arm_set_nt_fw_info(
/*
* Currently OP-TEE does not support reading DTBs from Secure memory
* and this option should be removed when feature is supported.
@@ -264,6 +260,8 @@
uintptr_t log_addr,
#endif
size_t log_size, uintptr_t *ns_log_addr);
+int arm_set_tb_fw_info(uintptr_t log_addr, size_t log_size);
+int arm_get_tb_fw_info(uint64_t *log_addr, size_t *log_size);
#endif /* MEASURED_BOOT */
/*
diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h
index 434835e..3fa63f5 100644
--- a/include/plat/common/platform.h
+++ b/include/plat/common/platform.h
@@ -122,6 +122,16 @@
void bl2_plat_preload_setup(void);
int plat_try_next_boot_source(void);
+#if MEASURED_BOOT
+int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data);
+#else
+static inline int plat_mboot_measure_image(unsigned int image_id __unused,
+ image_info_t *image_data __unused)
+{
+ return 0;
+}
+#endif /* MEASURED_BOOT */
+
/*******************************************************************************
* Mandatory BL1 functions
******************************************************************************/
@@ -182,12 +192,16 @@
int bl1_plat_handle_post_image_load(unsigned int image_id);
#if MEASURED_BOOT
-/*
- * Calculates and writes BL2 hash data to the platform's defined location.
- * For ARM platforms the data are written to TB_FW_CONFIG DTB.
- */
-void bl1_plat_set_bl2_hash(const image_desc_t *image_desc);
-#endif
+void bl1_plat_mboot_init(void);
+void bl1_plat_mboot_finish(void);
+#else
+static inline void bl1_plat_mboot_init(void)
+{
+}
+static inline void bl1_plat_mboot_finish(void)
+{
+}
+#endif /* MEASURED_BOOT */
/*******************************************************************************
* Mandatory BL2 functions
@@ -208,9 +222,16 @@
* Optional BL2 functions (may be overridden)
******************************************************************************/
#if MEASURED_BOOT
-/* Read TCG_DIGEST_SIZE bytes of BL2 hash data */
-void bl2_plat_get_hash(void *data);
-#endif
+void bl2_plat_mboot_init(void);
+void bl2_plat_mboot_finish(void);
+#else
+static inline void bl2_plat_mboot_init(void)
+{
+}
+static inline void bl2_plat_mboot_finish(void)
+{
+}
+#endif /* MEASURED_BOOT */
/*******************************************************************************
* Mandatory BL2 at EL3 functions: Must be implemented if BL2_AT_EL3 image is
diff --git a/lib/fconf/fconf_tbbr_getter.c b/lib/fconf/fconf_tbbr_getter.c
index 9a20ced..6f043e6 100644
--- a/lib/fconf/fconf_tbbr_getter.c
+++ b/lib/fconf/fconf_tbbr_getter.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2020, ARM Limited. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -71,26 +71,13 @@
}
tbbr_dyn_config.mbedtls_heap_size = val32;
-#if MEASURED_BOOT
- /* Retrieve BL2 hash data details from the DTB */
- err = fdtw_read_bytes(dtb, node, "bl2_hash_data", TCG_DIGEST_SIZE,
- &tbbr_dyn_config.bl2_hash_data);
- if (err < 0) {
- ERROR("FCONF: Read %s failed for '%s'\n",
- "bytes", "bl2_hash_data");
- return err;
- }
-#endif
VERBOSE("%s%s%s %d\n", "FCONF: `tbbr.", "disable_auth",
"` cell found with value =", tbbr_dyn_config.disable_auth);
VERBOSE("%s%s%s %p\n", "FCONF: `tbbr.", "mbedtls_heap_addr",
"` cell found with value =", tbbr_dyn_config.mbedtls_heap_addr);
VERBOSE("%s%s%s %zu\n", "FCONF: `tbbr.", "mbedtls_heap_size",
"` cell found with value =", tbbr_dyn_config.mbedtls_heap_size);
-#if MEASURED_BOOT
- VERBOSE("%s%s%s %p\n", "FCONF: `tbbr.", "bl2_hash_data",
- "` array found at address =", tbbr_dyn_config.bl2_hash_data);
-#endif
+
return 0;
}
diff --git a/plat/arm/board/arm_fpga/platform.mk b/plat/arm/board/arm_fpga/platform.mk
index 1217425..901fabf 100644
--- a/plat/arm/board/arm_fpga/platform.mk
+++ b/plat/arm/board/arm_fpga/platform.mk
@@ -117,9 +117,9 @@
${FPGA_CPU_LIBS} \
${FPGA_GIC_SOURCES}
-$(eval $(call MAKE_S,$(BUILD_PLAT),plat/arm/board/arm_fpga/rom_trampoline.S,31))
-$(eval $(call MAKE_S,$(BUILD_PLAT),plat/arm/board/arm_fpga/kernel_trampoline.S,31))
-$(eval $(call MAKE_LD,$(BUILD_PLAT)/build_axf.ld,plat/arm/board/arm_fpga/build_axf.ld.S,31))
+$(eval $(call MAKE_S,$(BUILD_PLAT),plat/arm/board/arm_fpga/rom_trampoline.S,bl31))
+$(eval $(call MAKE_S,$(BUILD_PLAT),plat/arm/board/arm_fpga/kernel_trampoline.S,bl31))
+$(eval $(call MAKE_LD,$(BUILD_PLAT)/build_axf.ld,plat/arm/board/arm_fpga/build_axf.ld.S,bl31))
bl31.axf: bl31 dtbs ${BUILD_PLAT}/rom_trampoline.o ${BUILD_PLAT}/kernel_trampoline.o ${BUILD_PLAT}/build_axf.ld
$(ECHO) " LD $@"
diff --git a/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts b/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
index 08d3c32..cf4ef2d 100644
--- a/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
+++ b/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
@@ -26,19 +26,6 @@
*/
mbedtls_heap_addr = <0x0 0x0>;
mbedtls_heap_size = <0x0>;
-
-#if MEASURED_BOOT
- /* BL2 image hash calculated by BL1 */
- bl2_hash_data = [
- 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-#if BL2_HASH_SIZE > 32
- 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-#if BL2_HASH_SIZE > 48
- 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-#endif /* > 48 */
-#endif /* > 32 */
- 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00];
-#endif /* MEASURED_BOOT */
};
/*
@@ -117,6 +104,10 @@
#include "cot_descriptors.dtsi"
#endif
+#if MEASURED_BOOT
+ #include "event_log.dtsi"
+#endif
+
};
#if COT_DESC_IN_DTB
diff --git a/plat/arm/board/fvp/fvp_bl1_measured_boot.c b/plat/arm/board/fvp/fvp_bl1_measured_boot.c
new file mode 100644
index 0000000..47af1f5
--- /dev/null
+++ b/plat/arm/board/fvp/fvp_bl1_measured_boot.c
@@ -0,0 +1,44 @@
+/*
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stdint.h>
+
+#include <drivers/measured_boot/event_log/event_log.h>
+#include <plat/arm/common/plat_arm.h>
+
+/* Event Log data */
+static uint8_t event_log[PLAT_ARM_EVENT_LOG_MAX_SIZE];
+
+/* FVP table with platform specific image IDs, names and PCRs */
+const event_log_metadata_t fvp_event_log_metadata[] = {
+ { FW_CONFIG_ID, EVLOG_FW_CONFIG_STRING, PCR_0 },
+ { TB_FW_CONFIG_ID, EVLOG_TB_FW_CONFIG_STRING, PCR_0 },
+ { BL2_IMAGE_ID, EVLOG_BL2_STRING, PCR_0 },
+ { INVALID_ID, NULL, (unsigned int)(-1) } /* Terminator */
+};
+
+void bl1_plat_mboot_init(void)
+{
+ event_log_init(event_log, event_log + sizeof(event_log));
+ event_log_write_header();
+}
+
+void bl1_plat_mboot_finish(void)
+{
+ size_t event_log_cur_size;
+
+ event_log_cur_size = event_log_get_cur_size(event_log);
+ int rc = arm_set_tb_fw_info((uintptr_t)event_log,
+ event_log_cur_size);
+ if (rc != 0) {
+ /*
+ * It is a fatal error because on FVP platform, BL2 software
+ * assumes that a valid Event Log buffer exist and it will use
+ * same Event Log buffer to append image measurements.
+ */
+ panic();
+ }
+}
diff --git a/plat/arm/board/fvp/fvp_bl1_setup.c b/plat/arm/board/fvp/fvp_bl1_setup.c
index 06ee037..59fc0f3 100644
--- a/plat/arm/board/fvp/fvp_bl1_setup.c
+++ b/plat/arm/board/fvp/fvp_bl1_setup.c
@@ -76,63 +76,6 @@
wfi();
}
-#if MEASURED_BOOT
-/*
- * Calculates and writes BL2 hash data to TB_FW_CONFIG DTB.
- */
-void bl1_plat_set_bl2_hash(const image_desc_t *image_desc)
-{
- arm_bl1_set_bl2_hash(image_desc);
-}
-
-/*
- * Implementation for bl1_plat_handle_post_image_load(). This function
- * populates the default arguments to BL2. The BL2 memory layout structure
- * is allocated and the calculated layout is populated in arg1 to BL2.
- */
-int bl1_plat_handle_post_image_load(unsigned int image_id)
-{
- meminfo_t *bl2_tzram_layout;
- meminfo_t *bl1_tzram_layout;
- image_desc_t *image_desc;
- entry_point_info_t *ep_info;
-
- if (image_id != BL2_IMAGE_ID) {
- return 0;
- }
-
- /* Get the image descriptor */
- image_desc = bl1_plat_get_image_desc(BL2_IMAGE_ID);
- assert(image_desc != NULL);
-
- /* Calculate BL2 hash and set it in TB_FW_CONFIG */
- bl1_plat_set_bl2_hash(image_desc);
-
- /* Get the entry point info */
- ep_info = &image_desc->ep_info;
-
- /* Find out how much free trusted ram remains after BL1 load */
- bl1_tzram_layout = bl1_plat_sec_mem_layout();
-
- /*
- * Create a new layout of memory for BL2 as seen by BL1 i.e.
- * tell it the amount of total and free memory available.
- * This layout is created at the first free address visible
- * to BL2. BL2 will read the memory layout before using its
- * memory for other purposes.
- */
- bl2_tzram_layout = (meminfo_t *)bl1_tzram_layout->total_base;
-
- bl1_calc_bl2_mem_layout(bl1_tzram_layout, bl2_tzram_layout);
-
- ep_info->args.arg1 = (uintptr_t)bl2_tzram_layout;
-
- VERBOSE("BL1: BL2 memory layout address = %p\n",
- (void *)bl2_tzram_layout);
- return 0;
-}
-#endif /* MEASURED_BOOT */
-
/*******************************************************************************
* The following function checks if Firmware update is needed by checking error
* reported in NV flag.
diff --git a/plat/arm/board/fvp/fvp_bl2_measured_boot.c b/plat/arm/board/fvp/fvp_bl2_measured_boot.c
new file mode 100644
index 0000000..5ebfede
--- /dev/null
+++ b/plat/arm/board/fvp/fvp_bl2_measured_boot.c
@@ -0,0 +1,110 @@
+/*
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stdint.h>
+
+#include <drivers/measured_boot/event_log/event_log.h>
+#include <plat/arm/common/plat_arm.h>
+
+/* Event Log data */
+static uint64_t event_log_base;
+
+/* FVP table with platform specific image IDs, names and PCRs */
+const event_log_metadata_t fvp_event_log_metadata[] = {
+ { BL31_IMAGE_ID, EVLOG_BL31_STRING, PCR_0 },
+ { BL32_IMAGE_ID, EVLOG_BL32_STRING, PCR_0 },
+ { BL32_EXTRA1_IMAGE_ID, EVLOG_BL32_EXTRA1_STRING, PCR_0 },
+ { BL32_EXTRA2_IMAGE_ID, EVLOG_BL32_EXTRA2_STRING, PCR_0 },
+ { BL33_IMAGE_ID, EVLOG_BL33_STRING, PCR_0 },
+ { HW_CONFIG_ID, EVLOG_HW_CONFIG_STRING, PCR_0 },
+ { NT_FW_CONFIG_ID, EVLOG_NT_FW_CONFIG_STRING, PCR_0 },
+ { SCP_BL2_IMAGE_ID, EVLOG_SCP_BL2_STRING, PCR_0 },
+ { SOC_FW_CONFIG_ID, EVLOG_SOC_FW_CONFIG_STRING, PCR_0 },
+ { TOS_FW_CONFIG_ID, EVLOG_TOS_FW_CONFIG_STRING, PCR_0 },
+ { INVALID_ID, NULL, (unsigned int)(-1) } /* Terminator */
+};
+
+void bl2_plat_mboot_init(void)
+{
+ uint8_t *event_log_start;
+ uint8_t *event_log_finish;
+ size_t bl1_event_log_size;
+ int rc;
+
+ rc = arm_get_tb_fw_info(&event_log_base, &bl1_event_log_size);
+ if (rc != 0) {
+ ERROR("%s(): Unable to get Event Log info from TB_FW_CONFIG\n",
+ __func__);
+ /*
+ * It is a fatal error because on FVP platform, BL2 software
+ * assumes that a valid Event Log buffer exist and it will use
+ * same Event Log buffer to append image measurements.
+ */
+ panic();
+ }
+
+ /*
+ * BL1 and BL2 share the same Event Log buffer and that BL2 will
+ * append its measurements after BL1's
+ */
+ event_log_start = (uint8_t *)((uintptr_t)event_log_base +
+ bl1_event_log_size);
+ event_log_finish = (uint8_t *)((uintptr_t)event_log_base +
+ PLAT_ARM_EVENT_LOG_MAX_SIZE);
+
+ event_log_init((uint8_t *)event_log_start, event_log_finish);
+}
+
+void bl2_plat_mboot_finish(void)
+{
+ int rc;
+
+ /* Event Log address in Non-Secure memory */
+ uintptr_t ns_log_addr;
+
+ /* Event Log filled size */
+ size_t event_log_cur_size;
+
+ event_log_cur_size = event_log_get_cur_size((uint8_t *)event_log_base);
+
+ rc = arm_set_nt_fw_info(
+#ifdef SPD_opteed
+ (uintptr_t)event_log_base,
+#endif
+ event_log_cur_size, &ns_log_addr);
+ if (rc != 0) {
+ ERROR("%s(): Unable to update %s_FW_CONFIG\n",
+ __func__, "NT");
+ /*
+ * It is a fatal error because on FVP secure world software
+ * assumes that a valid event log exists and will use it to
+ * record the measurements into the fTPM.
+ * Note: In FVP platform, OP-TEE uses nt_fw_config to get the
+ * secure Event Log buffer address.
+ */
+ panic();
+ }
+
+ /* Copy Event Log to Non-secure memory */
+ (void)memcpy((void *)ns_log_addr, (const void *)event_log_base,
+ event_log_cur_size);
+
+ /* Ensure that the Event Log is visible in Non-secure memory */
+ flush_dcache_range(ns_log_addr, event_log_cur_size);
+
+#if defined(SPD_tspd) || defined(SPD_spmd)
+ /* Set Event Log data in TOS_FW_CONFIG */
+ rc = arm_set_tos_fw_info((uintptr_t)event_log_base,
+ event_log_cur_size);
+ if (rc != 0) {
+ ERROR("%s(): Unable to update %s_FW_CONFIG\n",
+ __func__, "TOS");
+ panic();
+ }
+#endif /* defined(SPD_tspd) || defined(SPD_spmd) */
+
+ dump_event_log((uint8_t *)event_log_base, event_log_cur_size);
+}
diff --git a/plat/arm/board/fvp/fvp_bl2_setup.c b/plat/arm/board/fvp/fvp_bl2_setup.c
index f2f2143..5a17a0d 100644
--- a/plat/arm/board/fvp/fvp_bl2_setup.c
+++ b/plat/arm/board/fvp/fvp_bl2_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2021, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -9,9 +9,6 @@
#include <common/debug.h>
#include <common/desc_image_load.h>
#include <drivers/arm/sp804_delay_timer.h>
-#if MEASURED_BOOT
-#include <drivers/measured_boot/measured_boot.h>
-#endif
#include <lib/fconf/fconf.h>
#include <lib/fconf/fconf_dyn_cfg_getter.h>
@@ -73,45 +70,3 @@
return arm_bl_params;
}
-#if MEASURED_BOOT
-static int fvp_bl2_plat_handle_post_image_load(unsigned int image_id)
-{
- const bl_mem_params_node_t *bl_mem_params =
- get_bl_mem_params_node(image_id);
-
- assert(bl_mem_params != NULL);
-
- image_info_t info = bl_mem_params->image_info;
- int err;
-
- if ((info.h.attr & IMAGE_ATTRIB_SKIP_LOADING) == 0U) {
- /* Calculate image hash and record data in Event Log */
- err = tpm_record_measurement(info.image_base,
- info.image_size, image_id);
- if (err != 0) {
- ERROR("%s%s image id %u (%i)\n",
- "BL2: Failed to ", "record", image_id, err);
- return err;
- }
- }
-
- err = arm_bl2_handle_post_image_load(image_id);
- if (err != 0) {
- ERROR("%s%s image id %u (%i)\n",
- "BL2: Failed to ", "handle", image_id, err);
- }
-
- return err;
-}
-
-int arm_bl2_plat_handle_post_image_load(unsigned int image_id)
-{
- int err = fvp_bl2_plat_handle_post_image_load(image_id);
-
- if (err != 0) {
- ERROR("%s() returns %i\n", __func__, err);
- }
-
- return err;
-}
-#endif /* MEASURED_BOOT */
diff --git a/plat/arm/board/fvp/fvp_common_measured_boot.c b/plat/arm/board/fvp/fvp_common_measured_boot.c
new file mode 100644
index 0000000..6a403d9
--- /dev/null
+++ b/plat/arm/board/fvp/fvp_common_measured_boot.c
@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+#include <stdint.h>
+
+#include <common/desc_image_load.h>
+#include <drivers/measured_boot/event_log/event_log.h>
+#include <plat/arm/common/plat_arm.h>
+#include <plat/common/platform.h>
+
+extern event_log_metadata_t fvp_event_log_metadata[];
+
+const event_log_metadata_t *plat_event_log_get_metadata(void)
+{
+ return fvp_event_log_metadata;
+}
+
+int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data)
+{
+ /* Calculate image hash and record data in Event Log */
+ int err = event_log_measure_and_record(image_data->image_base,
+ image_data->image_size,
+ image_id);
+ if (err != 0) {
+ ERROR("%s%s image id %u (%i)\n",
+ "Failed to ", "record", image_id, err);
+ return err;
+ }
+
+ return 0;
+}
diff --git a/plat/arm/board/fvp/fvp_measured_boot.c b/plat/arm/board/fvp/fvp_measured_boot.c
deleted file mode 100644
index 5dcadba..0000000
--- a/plat/arm/board/fvp/fvp_measured_boot.c
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <drivers/measured_boot/event_log.h>
-#include <plat/arm/common/plat_arm.h>
-
-/* FVP table with platform specific image IDs, names and PCRs */
-static const image_data_t fvp_images_data[] = {
- { BL2_IMAGE_ID, BL2_STRING, PCR_0 }, /* Reserved for BL2 */
- { BL31_IMAGE_ID, BL31_STRING, PCR_0 },
- { BL32_IMAGE_ID, BL32_STRING, PCR_0 },
- { BL32_EXTRA1_IMAGE_ID, BL32_EXTRA1_IMAGE_STRING, PCR_0 },
- { BL32_EXTRA2_IMAGE_ID, BL32_EXTRA2_IMAGE_STRING, PCR_0 },
- { BL33_IMAGE_ID, BL33_STRING, PCR_0 },
- { HW_CONFIG_ID, HW_CONFIG_STRING, PCR_0 },
- { NT_FW_CONFIG_ID, NT_FW_CONFIG_STRING, PCR_0 },
- { SCP_BL2_IMAGE_ID, SCP_BL2_IMAGE_STRING, PCR_0 },
- { SOC_FW_CONFIG_ID, SOC_FW_CONFIG_STRING, PCR_0 },
- { TOS_FW_CONFIG_ID, TOS_FW_CONFIG_STRING, PCR_0 },
- { INVALID_ID, NULL, (unsigned int)(-1) } /* Terminator */
-};
-
-static const measured_boot_data_t fvp_measured_boot_data = {
- fvp_images_data,
- arm_set_nt_fw_info,
- arm_set_tos_fw_info
-};
-
-/*
- * Function retuns pointer to FVP plat_measured_boot_data_t structure
- */
-const measured_boot_data_t *plat_get_measured_boot_data(void)
-{
- return &fvp_measured_boot_data;
-}
diff --git a/plat/arm/board/fvp/include/platform_def.h b/plat/arm/board/fvp/include/platform_def.h
index 96574e5..d89e122 100644
--- a/plat/arm/board/fvp/include/platform_def.h
+++ b/plat/arm/board/fvp/include/platform_def.h
@@ -341,4 +341,9 @@
#define PLAT_VIRT_ADDR_SPACE_SIZE (1ULL << 32)
#endif
+/*
+ * Maximum size of Event Log buffer used in Measured Boot Event Log driver
+ */
+#define PLAT_ARM_EVENT_LOG_MAX_SIZE UL(0x400)
+
#endif /* PLATFORM_DEF_H */
diff --git a/plat/arm/board/fvp/platform.mk b/plat/arm/board/fvp/platform.mk
index b375146..70b1051 100644
--- a/plat/arm/board/fvp/platform.mk
+++ b/plat/arm/board/fvp/platform.mk
@@ -376,7 +376,10 @@
BL2_SOURCES += plat/arm/board/fvp/fvp_trusted_boot.c
ifeq (${MEASURED_BOOT},1)
-BL2_SOURCES += plat/arm/board/fvp/fvp_measured_boot.c
+BL1_SOURCES += plat/arm/board/fvp/fvp_common_measured_boot.c \
+ plat/arm/board/fvp/fvp_bl1_measured_boot.c
+BL2_SOURCES += plat/arm/board/fvp/fvp_common_measured_boot.c \
+ plat/arm/board/fvp/fvp_bl2_measured_boot.c
endif
# FVP being a development platform, enable capability to disable Authentication
diff --git a/plat/arm/board/fvp_r/fvp_r_bl1_context_mgmt.c b/plat/arm/board/fvp_r/fvp_r_bl1_context_mgmt.c
index 7ae853b..c6544b4 100644
--- a/plat/arm/board/fvp_r/fvp_r_bl1_context_mgmt.c
+++ b/plat/arm/board/fvp_r/fvp_r_bl1_context_mgmt.c
@@ -15,7 +15,7 @@
#include <plat/common/platform.h>
-void cm_prepare_el2_exit(uint32_t security_state);
+void cm_prepare_el2_exit(void);
/* Following contains the cpu context pointers. */
static void *bl1_cpu_context_ptr[2];
@@ -81,6 +81,9 @@
/* Allow platform to make change */
bl1_plat_set_ep_info(image_id, next_bl_ep);
+ /* Prepare context for the next EL */
+ cm_prepare_el2_exit();
+
/* Indicate that image is in execution state. */
desc->state = IMAGE_STATE_EXECUTED;
diff --git a/plat/arm/board/fvp_r/fvp_r_bl1_setup.c b/plat/arm/board/fvp_r/fvp_r_bl1_setup.c
index 3f3fd5e..68872c1 100644
--- a/plat/arm/board/fvp_r/fvp_r_bl1_setup.c
+++ b/plat/arm/board/fvp_r/fvp_r_bl1_setup.c
@@ -140,7 +140,6 @@
*/
void arm_bl1_platform_setup(void)
{
- image_desc_t *desc;
uint32_t fw_config_max_size;
/* Initialise the IO layer and register platform IO devices */
@@ -157,8 +156,7 @@
fw_config_max_size = ARM_FW_CONFIG_LIMIT - ARM_FW_CONFIG_BASE;
set_config_info(ARM_FW_CONFIG_BASE, fw_config_max_size, FW_CONFIG_ID);
- desc = bl1_plat_get_image_desc(BL33_IMAGE_ID);
- assert(desc != NULL);
+ assert(bl1_plat_get_image_desc(BL33_IMAGE_ID) != NULL);
/*
* Allow access to the System counter timer module and program
diff --git a/plat/arm/board/fvp_r/fvp_r_context_mgmt.c b/plat/arm/board/fvp_r/fvp_r_context_mgmt.c
index 678b879..d172d2d 100644
--- a/plat/arm/board/fvp_r/fvp_r_context_mgmt.c
+++ b/plat/arm/board/fvp_r/fvp_r_context_mgmt.c
@@ -4,25 +4,50 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <lib/el3_runtime/context_mgmt.h>
-#include <lib/el3_runtime/pubsub_events.h>
+#include <arch_helpers.h>
-#include <platform_def.h>
+/************************************************************
+ * For R-class everything is in secure world.
+ * Prepare the CPU system registers for first entry into EL1
+ ************************************************************/
+void cm_prepare_el2_exit(void)
+{
+ uint64_t hcr_el2 = 0U;
+ /*
+ * The use of ARMv8.3 pointer authentication (PAuth) is governed
+ * by fields in HCR_EL2, which trigger a 'trap to EL2' if not
+ * enabled. This register initialized at boot up, update PAuth
+ * bits.
+ *
+ * HCR_API_BIT: Set to one to disable traps to EL2 if lower ELs
+ * access PAuth registers
+ *
+ * HCR_APK_BIT: Set to one to disable traps to EL2 if lower ELs
+ * access PAuth instructions
+ */
+ hcr_el2 = read_hcr_el2();
+ write_hcr_el2(hcr_el2 | HCR_API_BIT | HCR_APK_BIT);
-/*******************************************************************************
- * File contains EL2 equivalents of EL3 functions from
- * .../lib/el3_runtime/aarch64/context_mgmt.c
- ******************************************************************************/
+ /*
+ * Initialise CNTHCTL_EL2. All fields are architecturally UNKNOWN
+ * on reset and are set to zero except for field(s) listed below.
+ *
+ * CNTHCTL_EL2.EL1PCEN: Set to one to disable traps to EL2
+ * if lower ELs accesses to the physical timer registers.
+ *
+ * CNTHCTL_EL2.EL1PCTEN: Set to one to disable traps to EL2
+ * if lower ELs access to the physical counter registers.
+ */
+ write_cnthctl_el2(CNTHCTL_RESET_VAL | EL1PCEN_BIT | EL1PCTEN_BIT);
-/*******************************************************************************
- * Prepare the CPU system registers for first entry into secure or normal world
- *
- * The majority of the work needed is only for switching to non-secure, which
- * is not available on v8-R64 cores, so this function is very simple.
- ******************************************************************************/
-void cm_prepare_el2_exit(uint32_t security_state)
-{
- cm_el1_sysregs_context_restore(security_state);
- cm_set_next_eret_context(security_state);
+ /*
+ * On Armv8-R, the EL1&0 memory system architecture is configurable
+ * as a VMSA or PMSA. All the fields architecturally UNKNOWN on reset
+ * and are set to zero except for field listed below.
+ *
+ * VCTR_EL2.MSA: Set to one to ensure the VMSA is enabled so that
+ * rich OS can boot.
+ */
+ write_vtcr_el2(VTCR_RESET_VAL | VTCR_EL2_MSA);
}
diff --git a/plat/arm/common/arm_bl2_setup.c b/plat/arm/common/arm_bl2_setup.c
index 2871b1b..08c014d 100644
--- a/plat/arm/common/arm_bl2_setup.c
+++ b/plat/arm/common/arm_bl2_setup.c
@@ -48,9 +48,6 @@
#pragma weak bl2_platform_setup
#pragma weak bl2_plat_arch_setup
#pragma weak bl2_plat_sec_mem_layout
-#if MEASURED_BOOT
-#pragma weak bl2_plat_get_hash
-#endif
#if ENABLE_RME
#define MAP_BL2_TOTAL MAP_REGION_FLAT( \
@@ -323,11 +320,3 @@
{
return arm_bl2_plat_handle_post_image_load(image_id);
}
-
-#if MEASURED_BOOT
-/* Read TCG_DIGEST_SIZE bytes of BL2 hash data */
-void bl2_plat_get_hash(void *data)
-{
- arm_bl2_get_hash(data);
-}
-#endif
diff --git a/plat/arm/common/arm_common.mk b/plat/arm/common/arm_common.mk
index f82392c..a20e258 100644
--- a/plat/arm/common/arm_common.mk
+++ b/plat/arm/common/arm_common.mk
@@ -406,7 +406,7 @@
endif
ifeq (${MEASURED_BOOT},1)
- MEASURED_BOOT_MK := drivers/measured_boot/measured_boot.mk
+ MEASURED_BOOT_MK := drivers/measured_boot/event_log/event_log.mk
$(info Including ${MEASURED_BOOT_MK})
include ${MEASURED_BOOT_MK}
endif
diff --git a/plat/arm/common/arm_dyn_cfg.c b/plat/arm/common/arm_dyn_cfg.c
index 30473be..6aae9ae 100644
--- a/plat/arm/common/arm_dyn_cfg.c
+++ b/plat/arm/common/arm_dyn_cfg.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -15,10 +15,6 @@
#include <common/tbbr/tbbr_img_def.h>
#if TRUSTED_BOARD_BOOT
#include <drivers/auth/mbedtls/mbedtls_config.h>
-#if MEASURED_BOOT
-#include <drivers/auth/crypto_mod.h>
-#include <mbedtls/md.h>
-#endif
#endif
#include <lib/fconf/fconf.h>
#include <lib/fconf/fconf_dyn_cfg_getter.h>
@@ -115,82 +111,13 @@
* images. It's critical because BL2 won't be able to proceed
* without the heap info.
*
- * In MEASURED_BOOT case flushing is done in
- * arm_bl1_set_bl2_hash() function which is called after heap
- * information is written in the DTB.
+ * In MEASURED_BOOT case flushing is done in a function which
+ * is called after heap information is written in the DTB.
*/
flush_dcache_range(tb_fw_cfg_dtb, fdt_totalsize(dtb));
#endif /* !MEASURED_BOOT */
}
-}
-
-#if MEASURED_BOOT
-/*
- * Calculates and writes BL2 hash data to TB_FW_CONFIG DTB.
- * Executed only from BL1.
- */
-void arm_bl1_set_bl2_hash(const image_desc_t *image_desc)
-{
- unsigned char hash_data[MBEDTLS_MD_MAX_SIZE];
- const image_info_t image_info = image_desc->image_info;
- uintptr_t tb_fw_cfg_dtb;
- int err;
- const struct dyn_cfg_dtb_info_t *tb_fw_config_info;
-
- tb_fw_config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, TB_FW_CONFIG_ID);
- assert(tb_fw_config_info != NULL);
-
- tb_fw_cfg_dtb = tb_fw_config_info->config_addr;
-
- /*
- * If tb_fw_cfg_dtb==NULL then DTB is not present for the current
- * platform. As such, we cannot write to the DTB at all and pass
- * measured data.
- */
- if (tb_fw_cfg_dtb == 0UL) {
- panic();
- }
-
- /* Calculate hash */
- err = crypto_mod_calc_hash(MBEDTLS_MD_ID,
- (void *)image_info.image_base,
- image_info.image_size, hash_data);
- if (err != 0) {
- ERROR("%scalculate%s\n", "BL1: unable to ",
- " BL2 hash");
- panic();
- }
-
- err = arm_set_bl2_hash_info((void *)tb_fw_cfg_dtb, hash_data);
- if (err < 0) {
- ERROR("%swrite%sdata%s\n", "BL1: unable to ",
- " BL2 hash ", "to DTB\n");
- panic();
- }
-
- /*
- * Ensure that the info written to the DTB is visible to other
- * images. It's critical because BL2 won't be able to proceed
- * without the heap info and its hash data.
- */
- flush_dcache_range(tb_fw_cfg_dtb, fdt_totalsize((void *)tb_fw_cfg_dtb));
-}
-
-/*
- * Reads TCG_DIGEST_SIZE bytes of BL2 hash data from the DTB.
- * Executed only from BL2.
- */
-void arm_bl2_get_hash(void *data)
-{
- const void *bl2_hash;
-
- assert(data != NULL);
-
- /* Retrieve TCG_DIGEST_SIZE bytes of BL2 hash data from the DTB */
- bl2_hash = FCONF_GET_PROPERTY(tbbr, dyn_config, bl2_hash_data);
- (void)memcpy(data, bl2_hash, TCG_DIGEST_SIZE);
}
-#endif /* MEASURED_BOOT */
#endif /* TRUSTED_BOARD_BOOT */
/*
diff --git a/plat/arm/common/arm_dyn_cfg_helpers.c b/plat/arm/common/arm_dyn_cfg_helpers.c
index 5f20c8d..6a2a6f8 100644
--- a/plat/arm/common/arm_dyn_cfg_helpers.c
+++ b/plat/arm/common/arm_dyn_cfg_helpers.c
@@ -11,6 +11,8 @@
#endif
#include <common/fdt_wrappers.h>
+#include <lib/fconf/fconf.h>
+#include <lib/fconf/fconf_dyn_cfg_getter.h>
#include <libfdt.h>
#include <plat/arm/common/arm_dyn_cfg_helpers.h>
@@ -20,18 +22,15 @@
#define DTB_PROP_MBEDTLS_HEAP_SIZE "mbedtls_heap_size"
#if MEASURED_BOOT
-#define DTB_PROP_BL2_HASH_DATA "bl2_hash_data"
#ifdef SPD_opteed
/*
* Currently OP-TEE does not support reading DTBs from Secure memory
* and this property should be removed when this feature is supported.
*/
#define DTB_PROP_HW_SM_LOG_ADDR "tpm_event_log_sm_addr"
-#endif
+#endif /* SPD_opteed */
#define DTB_PROP_HW_LOG_ADDR "tpm_event_log_addr"
#define DTB_PROP_HW_LOG_SIZE "tpm_event_log_size"
-
-static int dtb_root = -1;
#endif /* MEASURED_BOOT */
/*******************************************************************************
@@ -81,9 +80,8 @@
*/
int arm_set_dtb_mbedtls_heap_info(void *dtb, void *heap_addr, size_t heap_size)
{
-#if !MEASURED_BOOT
int dtb_root;
-#endif
+
/*
* Verify that the DTB is valid, before attempting to write to it,
* and get the DTB root node.
@@ -123,32 +121,8 @@
#if MEASURED_BOOT
/*
- * This function writes the BL2 hash data in HW_FW_CONFIG DTB.
- * When it is called, it is guaranteed that a DTB is available.
- *
- * This function is supposed to be called only by BL1.
- *
- * Returns:
- * 0 = success
- * < 0 = error
- */
-int arm_set_bl2_hash_info(void *dtb, void *data)
-{
- assert(dtb_root >= 0);
-
- /*
- * Write the BL2 hash data in the DTB.
- */
- return fdtw_write_inplace_bytes(dtb, dtb_root,
- DTB_PROP_BL2_HASH_DATA,
- TCG_DIGEST_SIZE, data);
-}
-
-/*
* Write the Event Log address and its size in the DTB.
*
- * This function is supposed to be called only by BL2.
- *
* Returns:
* 0 = success
* < 0 = error
@@ -231,14 +205,20 @@
* 0 = success
* < 0 = error
*/
-int arm_set_tos_fw_info(uintptr_t config_base, uintptr_t log_addr,
- size_t log_size)
+int arm_set_tos_fw_info(uintptr_t log_addr, size_t log_size)
{
+ uintptr_t config_base;
+ const bl_mem_params_node_t *cfg_mem_params;
int err;
- assert(config_base != 0UL);
assert(log_addr != 0UL);
+ /* Get the config load address and size of TOS_FW_CONFIG */
+ cfg_mem_params = get_bl_mem_params_node(TOS_FW_CONFIG_ID);
+ assert(cfg_mem_params != NULL);
+
+ config_base = cfg_mem_params->image_info.image_base;
+
/* Write the Event Log address and its size in the DTB */
err = arm_set_event_log_info(config_base,
#ifdef SPD_opteed
@@ -263,23 +243,25 @@
* 0 = success
* < 0 = error
*/
-int arm_set_nt_fw_info(uintptr_t config_base,
+int arm_set_nt_fw_info(
#ifdef SPD_opteed
uintptr_t log_addr,
#endif
size_t log_size, uintptr_t *ns_log_addr)
{
+ uintptr_t config_base;
uintptr_t ns_addr;
const bl_mem_params_node_t *cfg_mem_params;
int err;
- assert(config_base != 0UL);
assert(ns_log_addr != NULL);
/* Get the config load address and size from NT_FW_CONFIG */
cfg_mem_params = get_bl_mem_params_node(NT_FW_CONFIG_ID);
assert(cfg_mem_params != NULL);
+ config_base = cfg_mem_params->image_info.image_base;
+
/* Calculate Event Log address in Non-secure memory */
ns_addr = cfg_mem_params->image_info.image_base +
cfg_mem_params->image_info.image_max_size;
@@ -300,4 +282,87 @@
*ns_log_addr = (err < 0) ? 0UL : ns_addr;
return err;
}
+
+/*
+ * This function writes the Event Log address and its size
+ * in the TB_FW_CONFIG DTB.
+ *
+ * This function is supposed to be called only by BL1.
+ *
+ * Returns:
+ * 0 = success
+ * < 0 = error
+ */
+int arm_set_tb_fw_info(uintptr_t log_addr, size_t log_size)
+{
+ /*
+ * Read tb_fw_config device tree for Event Log properties
+ * and write the Event Log address and its size in the DTB
+ */
+ const struct dyn_cfg_dtb_info_t *tb_fw_config_info;
+ uintptr_t tb_fw_cfg_dtb;
+ int err;
+
+ tb_fw_config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, TB_FW_CONFIG_ID);
+ assert(tb_fw_config_info != NULL);
+
+ tb_fw_cfg_dtb = tb_fw_config_info->config_addr;
+
+ err = arm_set_event_log_info(tb_fw_cfg_dtb,
+#ifdef SPD_opteed
+ 0UL,
+#endif
+ log_addr, log_size);
+ return err;
+}
+
+/*
+ * This function reads the Event Log address and its size
+ * properties present in TB_FW_CONFIG DTB.
+ *
+ * This function is supposed to be called only by BL2.
+ *
+ * Returns:
+ * 0 = success
+ * < 0 = error
+ * Alongside returns Event Log address and its size.
+ */
+
+int arm_get_tb_fw_info(uint64_t *log_addr, size_t *log_size)
+{
+ /* As libfdt uses void *, we can't avoid this cast */
+ const struct dyn_cfg_dtb_info_t *tb_fw_config_info;
+ int node, rc;
+
+ tb_fw_config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, TB_FW_CONFIG_ID);
+ assert(tb_fw_config_info != NULL);
+
+ void *dtb = (void *)tb_fw_config_info->config_addr;
+ const char *compatible = "arm,tpm_event_log";
+
+ /* Assert the node offset point to compatible property */
+ node = fdt_node_offset_by_compatible(dtb, -1, compatible);
+ if (node < 0) {
+ WARN("The compatible property '%s'%s", compatible,
+ " not specified in TB_FW config.\n");
+ return node;
+ }
+
+ VERBOSE("Dyn cfg: '%s'%s", compatible, " found in the config\n");
+
+ rc = fdt_read_uint64(dtb, node, DTB_PROP_HW_LOG_ADDR, log_addr);
+ if (rc != 0) {
+ ERROR("%s%s", DTB_PROP_HW_LOG_ADDR,
+ " not specified in TB_FW config.\n");
+ return rc;
+ }
+
+ rc = fdt_read_uint32(dtb, node, DTB_PROP_HW_LOG_SIZE, (uint32_t *)log_size);
+ if (rc != 0) {
+ ERROR("%s%s", DTB_PROP_HW_LOG_SIZE,
+ " not specified in TB_FW config.\n");
+ }
+
+ return rc;
+}
#endif /* MEASURED_BOOT */
diff --git a/plat/common/plat_bl1_common.c b/plat/common/plat_bl1_common.c
index 1c6d68b..bcf9f89 100644
--- a/plat/common/plat_bl1_common.c
+++ b/plat/common/plat_bl1_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2021, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -27,9 +27,6 @@
#pragma weak bl1_plat_fwu_done
#pragma weak bl1_plat_handle_pre_image_load
#pragma weak bl1_plat_handle_post_image_load
-#if MEASURED_BOOT
-#pragma weak bl1_plat_set_bl2_hash
-#endif
unsigned int bl1_plat_get_next_image_id(void)
{
@@ -118,12 +115,3 @@
(void *) bl2_secram_layout);
return 0;
}
-
-#if MEASURED_BOOT
-/*
- * Calculates and writes BL2 hash data to TB_FW_CONFIG DTB.
- */
-void bl1_plat_set_bl2_hash(const image_desc_t *image_desc)
-{
-}
-#endif
diff --git a/plat/marvell/armada/a3k/common/a3700_common.mk b/plat/marvell/armada/a3k/common/a3700_common.mk
index 9550452..c3f78c5 100644
--- a/plat/marvell/armada/a3k/common/a3700_common.mk
+++ b/plat/marvell/armada/a3k/common/a3700_common.mk
@@ -76,6 +76,7 @@
ifdef WTP
+# Do not remove! Following checks are required to ensure correct TF-A builds, removing these checks leads to broken TF-A builds
$(if $(wildcard $(value WTP)/*),,$(error "'WTP=$(value WTP)' was specified, but '$(value WTP)' directory does not exist"))
$(if $(shell git -C $(value WTP) rev-parse --show-cdup 2>&1),$(error "'WTP=$(value WTP)' was specified, but '$(value WTP)' does not contain valid A3700-utils-marvell git repository"))
@@ -143,6 +144,7 @@
CRYPTOPP_INCDIR ?= $(CRYPTOPP_PATH)
$(TBB): FORCE
+ # Do not remove! Following checks are required to ensure correct TF-A builds, removing these checks leads to broken TF-A builds
$(if $(CRYPTOPP_LIBDIR),,$(error "Platform '$(PLAT)' for WTP image tool requires CRYPTOPP_PATH or CRYPTOPP_LIBDIR. Please set CRYPTOPP_PATH or CRYPTOPP_LIBDIR to point to the right directory"))
$(if $(CRYPTOPP_INCDIR),,$(error "Platform '$(PLAT)' for WTP image tool requires CRYPTOPP_PATH or CRYPTOPP_INCDIR. Please set CRYPTOPP_PATH or CRYPTOPP_INCDIR to point to the right directory"))
$(if $(wildcard $(CRYPTOPP_LIBDIR)/*),,$(error "Either 'CRYPTOPP_PATH' or 'CRYPTOPP_LIB' was set to '$(CRYPTOPP_LIBDIR)', but '$(CRYPTOPP_LIBDIR)' does not exist"))
@@ -159,6 +161,7 @@
$(Q)cp -a $(WTMI_MULTI_IMG) $(BUILD_PLAT)/wtmi.bin
$(TIMDDRTOOL): FORCE
+ # Do not remove! Following checks are required to ensure correct TF-A builds, removing these checks leads to broken TF-A builds
$(if $(value MV_DDR_PATH),,$(error "Platform '${PLAT}' for ddr tool requires MV_DDR_PATH. Please set MV_DDR_PATH to point to the right directory"))
$(if $(wildcard $(value MV_DDR_PATH)/*),,$(error "'MV_DDR_PATH=$(value MV_DDR_PATH)' was specified, but '$(value MV_DDR_PATH)' directory does not exist"))
$(if $(shell git -C $(value MV_DDR_PATH) rev-parse --show-cdup 2>&1),$(error "'MV_DDR_PATH=$(value MV_DDR_PATH)' was specified, but '$(value MV_DDR_PATH)' does not contain valid mv-ddr-marvell git repository"))
diff --git a/plat/marvell/armada/a8k/a70x0_mochabin/board/dram_port.c b/plat/marvell/armada/a8k/a70x0_mochabin/board/dram_port.c
new file mode 100644
index 0000000..68d335b
--- /dev/null
+++ b/plat/marvell/armada/a8k/a70x0_mochabin/board/dram_port.c
@@ -0,0 +1,227 @@
+/*
+ * Copyright (C) 2021 Sartura Ltd.
+ * Copyright (C) 2021 Globalscale technologies, Inc.
+ * Copyright (C) 2021 Marvell International Ltd.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ * https://spdx.org/licenses
+ */
+
+#include <arch_helpers.h>
+#include <common/debug.h>
+
+#include <mv_ddr_if.h>
+#include <plat_marvell.h>
+
+/*
+ * This function may modify the default DRAM parameters
+ * based on information received from SPD or bootloader
+ * configuration located on non volatile storage
+ */
+void plat_marvell_dram_update_topology(void)
+{
+}
+
+/*
+ * This struct provides the DRAM training code with
+ * the appropriate board DRAM configuration
+ */
+#if DDR_TOPOLOGY == 0
+static struct mv_ddr_topology_map board_topology_map_2g = {
+/* 1CS 4Gb x4 devices of Samsung K4A4G085WF */
+ DEBUG_LEVEL_ERROR,
+ 0x1, /* active interfaces */
+ /* cs_mask, mirror, dqs_swap, ck_swap X subphys */
+ { { { {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0} },
+ SPEED_BIN_DDR_2400R, /* speed_bin */
+ MV_DDR_DEV_WIDTH_8BIT, /* sdram device width */
+ MV_DDR_DIE_CAP_4GBIT, /* die capacity */
+ MV_DDR_FREQ_SAR, /* frequency */
+ 0, 0, /* cas_l, cas_wl */
+ MV_DDR_TEMP_LOW} }, /* temperature */
+ BUS_MASK_32BIT, /* subphys mask */
+ MV_DDR_CFG_DEFAULT, /* ddr configuration data source */
+ NOT_COMBINED, /* ddr twin-die combined*/
+ { {0} }, /* raw spd data */
+ {0}, /* timing parameters */
+ { /* electrical configuration */
+ { /* memory electrical configuration */
+ MV_DDR_RTT_NOM_PARK_RZQ_DISABLE, /* rtt_nom */
+ {
+ MV_DDR_RTT_NOM_PARK_RZQ_DIV4, /* rtt_park 1cs */
+ MV_DDR_RTT_NOM_PARK_RZQ_DIV1 /* rtt_park 2cs */
+ },
+ {
+ MV_DDR_RTT_WR_DYN_ODT_OFF, /* rtt_wr 1cs */
+ MV_DDR_RTT_WR_RZQ_DIV2 /* rtt_wr 2cs */
+ },
+ MV_DDR_DIC_RZQ_DIV7 /* dic */
+ },
+ { /* phy electrical configuration */
+ MV_DDR_OHM_30, /* data_drv_p */
+ MV_DDR_OHM_30, /* data_drv_n */
+ MV_DDR_OHM_30, /* ctrl_drv_p */
+ MV_DDR_OHM_30, /* ctrl_drv_n */
+ {
+ MV_DDR_OHM_60, /* odt_p 1cs */
+ MV_DDR_OHM_120 /* odt_p 2cs */
+ },
+ {
+ MV_DDR_OHM_60, /* odt_n 1cs */
+ MV_DDR_OHM_120 /* odt_n 2cs */
+ },
+ },
+ { /* mac electrical configuration */
+ MV_DDR_ODT_CFG_NORMAL, /* odtcfg_pattern */
+ MV_DDR_ODT_CFG_ALWAYS_ON, /* odtcfg_write */
+ MV_DDR_ODT_CFG_NORMAL, /* odtcfg_read */
+ },
+ }
+};
+#endif
+
+#if DDR_TOPOLOGY == 1
+static struct mv_ddr_topology_map board_topology_map_4g = {
+/* 1CS 8Gb x4 devices of Samsung K4A8G085WC-BCTD */
+ DEBUG_LEVEL_ERROR,
+ 0x1, /* active interfaces */
+ /* cs_mask, mirror, dqs_swap, ck_swap X subphys */
+ { { { {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0},
+ {0x1, 0x2, 0, 0} },
+ SPEED_BIN_DDR_2400R, /* speed_bin */
+ MV_DDR_DEV_WIDTH_8BIT, /* sdram device width */
+ MV_DDR_DIE_CAP_8GBIT, /* die capacity */
+ MV_DDR_FREQ_SAR, /* frequency */
+ 0, 0, /* cas_l, cas_wl */
+ MV_DDR_TEMP_LOW} }, /* temperature */
+ BUS_MASK_32BIT, /* subphys mask */
+ MV_DDR_CFG_DEFAULT, /* ddr configuration data source */
+ NOT_COMBINED, /* ddr twin-die combined*/
+ { {0} }, /* raw spd data */
+ {0}, /* timing parameters */
+ { /* electrical configuration */
+ { /* memory electrical configuration */
+ MV_DDR_RTT_NOM_PARK_RZQ_DISABLE, /* rtt_nom */
+ {
+ MV_DDR_RTT_NOM_PARK_RZQ_DIV4, /* rtt_park 1cs */
+ MV_DDR_RTT_NOM_PARK_RZQ_DIV1 /* rtt_park 2cs */
+ },
+ {
+ MV_DDR_RTT_WR_DYN_ODT_OFF, /* rtt_wr 1cs */
+ MV_DDR_RTT_WR_RZQ_DIV2 /* rtt_wr 2cs */
+ },
+ MV_DDR_DIC_RZQ_DIV7 /* dic */
+ },
+ { /* phy electrical configuration */
+ MV_DDR_OHM_30, /* data_drv_p */
+ MV_DDR_OHM_30, /* data_drv_n */
+ MV_DDR_OHM_30, /* ctrl_drv_p */
+ MV_DDR_OHM_30, /* ctrl_drv_n */
+ {
+ MV_DDR_OHM_60, /* odt_p 1cs */
+ MV_DDR_OHM_120 /* odt_p 2cs */
+ },
+ {
+ MV_DDR_OHM_60, /* odt_n 1cs */
+ MV_DDR_OHM_120 /* odt_n 2cs */
+ },
+ },
+ { /* mac electrical configuration */
+ MV_DDR_ODT_CFG_NORMAL, /* odtcfg_pattern */
+ MV_DDR_ODT_CFG_ALWAYS_ON, /* odtcfg_write */
+ MV_DDR_ODT_CFG_NORMAL, /* odtcfg_read */
+ },
+ }
+};
+#endif
+
+#if DDR_TOPOLOGY == 2
+static struct mv_ddr_topology_map board_topology_map_8g = {
+/* 2CS 8Gb x8 devices of Micron MT40A1G8WE-083E IT */
+ DEBUG_LEVEL_ERROR,
+ 0x1, /* active interfaces */
+ /* cs_mask, mirror, dqs_swap, ck_swap X subphys */
+ { { { {0x3, 0x2, 0, 0},
+ {0x3, 0x2, 0, 0},
+ {0x3, 0x2, 0, 0},
+ {0x3, 0x2, 0, 0},
+ {0x3, 0x2, 0, 0},
+ {0x3, 0x2, 0, 0},
+ {0x3, 0x2, 0, 0},
+ {0x3, 0x2, 0, 0},
+ {0x3, 0x2, 0, 0} },
+ SPEED_BIN_DDR_2400R, /* speed_bin */
+ MV_DDR_DEV_WIDTH_8BIT, /* sdram device width */
+ MV_DDR_DIE_CAP_8GBIT, /* die capacity */
+ MV_DDR_FREQ_SAR, /* frequency */
+ 0, 0, /* cas_l, cas_wl */
+ MV_DDR_TEMP_LOW} }, /* temperature */
+ BUS_MASK_32BIT, /* subphys mask */
+ MV_DDR_CFG_DEFAULT, /* ddr configuration data source */
+ NOT_COMBINED, /* ddr twin-die combined*/
+ { {0} }, /* raw spd data */
+ {0}, /* timing parameters */
+ { /* electrical configuration */
+ { /* memory electrical configuration */
+ MV_DDR_RTT_NOM_PARK_RZQ_DISABLE, /* rtt_nom */
+ {
+ MV_DDR_RTT_NOM_PARK_RZQ_DIV4, /* rtt_park 1cs */
+ MV_DDR_RTT_NOM_PARK_RZQ_DIV1 /* rtt_park 2cs */
+ },
+ {
+ MV_DDR_RTT_WR_DYN_ODT_OFF, /* rtt_wr 1cs */
+ MV_DDR_RTT_WR_RZQ_DIV2 /* rtt_wr 2cs */
+ },
+ MV_DDR_DIC_RZQ_DIV7 /* dic */
+ },
+ { /* phy electrical configuration */
+ MV_DDR_OHM_30, /* data_drv_p */
+ MV_DDR_OHM_30, /* data_drv_n */
+ MV_DDR_OHM_30, /* ctrl_drv_p */
+ MV_DDR_OHM_30, /* ctrl_drv_n */
+ {
+ MV_DDR_OHM_60, /* odt_p 1cs */
+ MV_DDR_OHM_120 /* odt_p 2cs */
+ },
+ {
+ MV_DDR_OHM_60, /* odt_n 1cs */
+ MV_DDR_OHM_120 /* odt_n 2cs */
+ },
+ },
+ { /* mac electrical configuration */
+ MV_DDR_ODT_CFG_NORMAL, /* odtcfg_pattern */
+ MV_DDR_ODT_CFG_ALWAYS_ON, /* odtcfg_write */
+ MV_DDR_ODT_CFG_NORMAL, /* odtcfg_read */
+ },
+ }
+};
+#endif
+
+struct mv_ddr_topology_map *mv_ddr_topology_map_get(void)
+{
+/* a70x0_mochabin board supports 3 DDR4 models (2G/1CS, 4G/1CS, 8G/2CS) */
+#if DDR_TOPOLOGY == 0
+ return &board_topology_map_2g;
+#elif DDR_TOPOLOGY == 1
+ return &board_topology_map_4g;
+#elif DDR_TOPOLOGY == 2
+ return &board_topology_map_8g;
+#else
+ #error "Unknown DDR topology"
+#endif
+}
diff --git a/plat/marvell/armada/a8k/a70x0_mochabin/board/marvell_plat_config.c b/plat/marvell/armada/a8k/a70x0_mochabin/board/marvell_plat_config.c
new file mode 100644
index 0000000..1ed6323
--- /dev/null
+++ b/plat/marvell/armada/a8k/a70x0_mochabin/board/marvell_plat_config.c
@@ -0,0 +1,145 @@
+/*
+ * Copyright (C) 2021 Sartura Ltd.
+ * Copyright (C) 2021 Globalscale technologies, Inc.
+ * Copyright (C) 2021 Marvell International Ltd.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ * https://spdx.org/licenses
+ */
+
+#include <armada_common.h>
+
+/*
+ * If bootrom is currently at BLE there's no need to include the memory
+ * maps structure at this point
+ */
+#include <mvebu_def.h>
+#ifndef IMAGE_BLE
+
+/*****************************************************************************
+ * AMB Configuration
+ *****************************************************************************
+ */
+struct addr_map_win amb_memory_map[] = {
+ /* CP0 SPI1 CS0 Direct Mode access */
+ {0xf900, 0x1000000, AMB_SPI1_CS0_ID},
+};
+
+int marvell_get_amb_memory_map(struct addr_map_win **win,
+ uint32_t *size, uintptr_t base)
+{
+ *win = amb_memory_map;
+ if (*win == NULL)
+ *size = 0;
+ else
+ *size = ARRAY_SIZE(amb_memory_map);
+
+ return 0;
+}
+#endif
+
+/*****************************************************************************
+ * IO_WIN Configuration
+ *****************************************************************************
+ */
+struct addr_map_win io_win_memory_map[] = {
+#ifndef IMAGE_BLE
+ /* MCI 0 indirect window */
+ {MVEBU_MCI_REG_BASE_REMAP(0), 0x100000, MCI_0_TID},
+ /* MCI 1 indirect window */
+ {MVEBU_MCI_REG_BASE_REMAP(1), 0x100000, MCI_1_TID},
+#endif
+};
+
+uint32_t marvell_get_io_win_gcr_target(int ap_index)
+{
+ return PIDI_TID;
+}
+
+int marvell_get_io_win_memory_map(int ap_index, struct addr_map_win **win,
+ uint32_t *size)
+{
+ *win = io_win_memory_map;
+ if (*win == NULL)
+ *size = 0;
+ else
+ *size = ARRAY_SIZE(io_win_memory_map);
+
+ return 0;
+}
+
+#ifndef IMAGE_BLE
+/*****************************************************************************
+ * IOB Configuration
+ *****************************************************************************
+ */
+struct addr_map_win iob_memory_map[] = {
+ /* PEX1_X1 window */
+ {0x00000000f7000000, 0x1000000, PEX1_TID},
+ /* PEX2_X1 window */
+ {0x00000000f8000000, 0x1000000, PEX2_TID},
+ {0x00000000c0000000, 0x30000000, PEX2_TID},
+ {0x0000000800000000, 0x100000000, PEX2_TID},
+ /* PEX0_X4 window */
+ {0x00000000f6000000, 0x1000000, PEX0_TID},
+ /* SPI1_CS0 (RUNIT) window */
+ {0x00000000f9000000, 0x1000000, RUNIT_TID},
+};
+
+int marvell_get_iob_memory_map(struct addr_map_win **win, uint32_t *size,
+ uintptr_t base)
+{
+ *win = iob_memory_map;
+ *size = ARRAY_SIZE(iob_memory_map);
+
+ return 0;
+}
+#endif
+
+/*****************************************************************************
+ * CCU Configuration
+ *****************************************************************************
+ */
+struct addr_map_win ccu_memory_map[] = { /* IO window */
+#ifdef IMAGE_BLE
+ {0x00000000f2000000, 0x4000000, IO_0_TID}, /* IO window */
+#else
+#if LLC_SRAM
+ /* This entry is prepared for OP-TEE OS that enables the LLC SRAM
+ * and changes the window target to SRAM_TID.
+ */
+ {PLAT_MARVELL_LLC_SRAM_BASE, PLAT_MARVELL_LLC_SRAM_SIZE, DRAM_0_TID},
+#endif
+ {0x00000000f2000000, 0xe000000, IO_0_TID},
+ {0x00000000c0000000, 0x30000000, IO_0_TID}, /* IO window */
+ {0x0000000800000000, 0x100000000, IO_0_TID}, /* IO window */
+#endif
+};
+
+uint32_t marvell_get_ccu_gcr_target(int ap)
+{
+ return DRAM_0_TID;
+}
+
+int marvell_get_ccu_memory_map(int ap_index, struct addr_map_win **win,
+ uint32_t *size)
+{
+ *win = ccu_memory_map;
+ *size = ARRAY_SIZE(ccu_memory_map);
+
+ return 0;
+}
+
+#ifdef IMAGE_BLE
+/*****************************************************************************
+ * SKIP IMAGE Configuration
+ *****************************************************************************
+ */
+#if PLAT_RECOVERY_IMAGE_ENABLE
+void *plat_marvell_get_skip_image_data(void)
+{
+ /* No recovery button on a70x0_mochabin board */
+ return NULL;
+}
+#endif
+#endif
diff --git a/plat/marvell/armada/a8k/a70x0_mochabin/board/phy-porting-layer.h b/plat/marvell/armada/a8k/a70x0_mochabin/board/phy-porting-layer.h
new file mode 100644
index 0000000..ab76c31
--- /dev/null
+++ b/plat/marvell/armada/a8k/a70x0_mochabin/board/phy-porting-layer.h
@@ -0,0 +1,87 @@
+/*
+ * Copyright (C) 2021 Sartura Ltd.
+ * Copyright (C) 2021 Globalscale technologies, Inc.
+ * Copyright (C) 2021 Marvell International Ltd.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ * https://spdx.org/licenses
+ */
+
+#ifndef __PHY_PORTING_LAYER_H
+#define __PHY_PORTING_LAYER_H
+
+#define MAX_LANE_NR 6
+
+static const struct xfi_params
+ xfi_static_values_tab[AP_NUM][CP_NUM][MAX_LANE_NR] = {
+ /* AP0 */
+ {
+ /* CP 0 */
+ {
+ { 0 }, /* Comphy0 */
+ { 0 }, /* Comphy1 */
+ { 0 }, /* Comphy2 */
+ { 0 }, /* Comphy3 */
+ { .g1_ffe_res_sel = 0x3, .g1_ffe_cap_sel = 0xf, .align90 = 0x60,
+ .g1_dfe_res = 0x1, .g1_amp = 0x1c, .g1_emph = 0xe,
+ .g1_emph_en = 0x1, .g1_tx_amp_adj = 0x1, .g1_tx_emph_en = 0x1,
+ .g1_tx_emph = 0x0, .g1_rx_selmuff = 0x1, .g1_rx_selmufi = 0x0,
+ .g1_rx_selmupf = 0x2, .g1_rx_selmupi = 0x2,
+ .valid = 1 }, /* Comphy4 */
+ { 0 }, /* Comphy5 */
+ },
+ },
+};
+
+static const struct sata_params
+ sata_static_values_tab[AP_NUM][CP_NUM][MAX_LANE_NR] = {
+ /* AP0 */
+ {
+ /* CP 0 */
+ {
+ { 0 }, /* Comphy0 */
+ { 0 }, /* Comphy1 */
+ { .g1_amp = 0x8, .g2_amp = 0xa, .g3_amp = 0x1e,
+ .g1_emph = 0x1, .g2_emph = 0x2, .g3_emph = 0xe,
+ .g1_emph_en = 0x1, .g2_emph_en = 0x1, .g3_emph_en = 0x1,
+ .g1_tx_amp_adj = 0x1, .g2_tx_amp_adj = 0x1, .g3_tx_amp_adj = 0x1,
+ .g1_tx_emph_en = 0x0, .g2_tx_emph_en = 0x0, .g3_tx_emph_en = 0x0,
+ .g1_tx_emph = 0x1, .g2_tx_emph = 0x1, .g3_tx_emph = 0x1,
+ .g3_dfe_res = 0x1, .g3_ffe_res_sel = 0x4, .g3_ffe_cap_sel = 0xf,
+ .align90 = 0x61,
+ .g1_rx_selmuff = 0x3, .g2_rx_selmuff = 0x3, .g3_rx_selmuff = 0x3,
+ .g1_rx_selmufi = 0x0, .g2_rx_selmufi = 0x0, .g3_rx_selmufi = 0x3,
+ .g1_rx_selmupf = 0x1, .g2_rx_selmupf = 0x1, .g3_rx_selmupf = 0x2,
+ .g1_rx_selmupi = 0x0, .g2_rx_selmupi = 0x0, .g3_rx_selmupi = 0x2,
+ .polarity_invert = COMPHY_POLARITY_NO_INVERT,
+ .valid = 0x1
+ }, /* Comphy2 */
+ { .g1_amp = 0x8, .g2_amp = 0xa, .g3_amp = 0x1e,
+ .g1_emph = 0x1, .g2_emph = 0x2, .g3_emph = 0xe,
+ .g1_emph_en = 0x1, .g2_emph_en = 0x1, .g3_emph_en = 0x1,
+ .g1_tx_amp_adj = 0x1, .g2_tx_amp_adj = 0x1, .g3_tx_amp_adj = 0x1,
+ .g1_tx_emph_en = 0x0, .g2_tx_emph_en = 0x0, .g3_tx_emph_en = 0x0,
+ .g1_tx_emph = 0x1, .g2_tx_emph = 0x1, .g3_tx_emph = 0x1,
+ .g3_dfe_res = 0x1, .g3_ffe_res_sel = 0x4, .g3_ffe_cap_sel = 0xf,
+ .align90 = 0x61,
+ .g1_rx_selmuff = 0x3, .g2_rx_selmuff = 0x3, .g3_rx_selmuff = 0x3,
+ .g1_rx_selmufi = 0x0, .g2_rx_selmufi = 0x0, .g3_rx_selmufi = 0x3,
+ .g1_rx_selmupf = 0x1, .g2_rx_selmupf = 0x1, .g3_rx_selmupf = 0x2,
+ .g1_rx_selmupi = 0x0, .g2_rx_selmupi = 0x0, .g3_rx_selmupi = 0x2,
+ .polarity_invert = COMPHY_POLARITY_NO_INVERT,
+ .valid = 0x1
+ }, /* Comphy3 */
+ { 0 }, /* Comphy4 */
+ { 0 }, /* Comphy5 */
+ },
+ },
+};
+
+static const struct usb_params
+ usb_static_values_tab[AP_NUM][CP_NUM][MAX_LANE_NR] = {
+ [0 ... AP_NUM-1][0 ... CP_NUM-1][0 ... MAX_LANE_NR-1] = {
+ .polarity_invert = COMPHY_POLARITY_NO_INVERT
+ },
+};
+
+#endif /* __PHY_PORTING_LAYER_H */
diff --git a/plat/marvell/armada/a8k/a70x0_mochabin/mvebu_def.h b/plat/marvell/armada/a8k/a70x0_mochabin/mvebu_def.h
new file mode 100644
index 0000000..768f735
--- /dev/null
+++ b/plat/marvell/armada/a8k/a70x0_mochabin/mvebu_def.h
@@ -0,0 +1,15 @@
+/*
+ * Copyright (C) 2021 Marvell International Ltd.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ * https://spdx.org/licenses
+ */
+
+#ifndef MVEBU_DEF_H
+#define MVEBU_DEF_H
+
+#include <a8k_plat_def.h>
+
+#define CP_COUNT 1 /* A70x0 has single CP0 */
+
+#endif /* MVEBU_DEF_H */
diff --git a/plat/marvell/armada/a8k/a70x0_mochabin/platform.mk b/plat/marvell/armada/a8k/a70x0_mochabin/platform.mk
new file mode 100644
index 0000000..2495591
--- /dev/null
+++ b/plat/marvell/armada/a8k/a70x0_mochabin/platform.mk
@@ -0,0 +1,20 @@
+#
+# Copyright (C) 2021 Marvell International Ltd.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+# https://spdx.org/licenses
+#
+
+PCI_EP_SUPPORT := 0
+
+CP_NUM := 1
+$(eval $(call add_define,CP_NUM))
+
+DOIMAGE_SEC := tools/doimage/secure/sec_img_7K.cfg
+
+MARVELL_MOCHI_DRV := drivers/marvell/mochi/apn806_setup.c
+
+BOARD_DIR := $(shell dirname $(lastword $(MAKEFILE_LIST)))
+include plat/marvell/armada/a8k/common/a8k_common.mk
+
+include plat/marvell/armada/common/marvell_common.mk
diff --git a/plat/marvell/armada/a8k/common/a8k_common.mk b/plat/marvell/armada/a8k/common/a8k_common.mk
index 9474d08..4d8a87f 100644
--- a/plat/marvell/armada/a8k/common/a8k_common.mk
+++ b/plat/marvell/armada/a8k/common/a8k_common.mk
@@ -75,6 +75,10 @@
# This define specifies DDR type for BLE
$(eval $(call add_define,CONFIG_DDR4))
+# This define specifies DDR topology for BLE
+DDR_TOPOLOGY ?= 0
+$(eval $(call add_define,DDR_TOPOLOGY))
+
MARVELL_GIC_SOURCES := drivers/arm/gic/common/gic_common.c \
drivers/arm/gic/v2/gicv2_main.c \
drivers/arm/gic/v2/gicv2_helpers.c \
diff --git a/plat/marvell/armada/a8k/common/ble/ble.mk b/plat/marvell/armada/a8k/common/ble/ble.mk
index 87e2ce0..e41ab3e 100644
--- a/plat/marvell/armada/a8k/common/ble/ble.mk
+++ b/plat/marvell/armada/a8k/common/ble/ble.mk
@@ -28,6 +28,7 @@
$(BLE_OBJS): $(MV_DDR_LIB)
$(MV_DDR_LIB): FORCE
+ # Do not remove! Following checks are required to ensure correct TF-A builds, removing these checks leads to broken TF-A builds
$(if $(value MV_DDR_PATH),,$(error "Platform '$(PLAT)' for BLE requires MV_DDR_PATH. Please set MV_DDR_PATH to point to the right directory"))
$(if $(wildcard $(value MV_DDR_PATH)/*),,$(error "'MV_DDR_PATH=$(value MV_DDR_PATH)' was specified, but '$(value MV_DDR_PATH)' directory does not exist"))
$(if $(shell git -C $(value MV_DDR_PATH) rev-parse --show-cdup 2>&1),$(error "'MV_DDR_PATH=$(value MV_DDR_PATH)' was specified, but '$(value MV_DDR_PATH)' does not contain valid mv-ddr-marvell git repository"))
diff --git a/plat/mediatek/common/mtk_cirq.c b/plat/mediatek/common/mtk_cirq.c
index de37986..9cf7144 100644
--- a/plat/mediatek/common/mtk_cirq.c
+++ b/plat/mediatek/common/mtk_cirq.c
@@ -541,11 +541,9 @@
void mt_cirq_sw_reset(void)
{
-#ifdef CIRQ_NEED_SW_RESET
uint32_t st;
st = mmio_read_32(CIRQ_CON);
st |= (CIRQ_SW_RESET << CIRQ_CON_SW_RST_BITS);
mmio_write_32(CIRQ_CON, st);
-#endif
}
diff --git a/plat/mediatek/mt8183/drivers/sspm/sspm.c b/plat/mediatek/mt8183/drivers/sspm/sspm.c
index 3917638..6e76124 100644
--- a/plat/mediatek/mt8183/drivers/sspm/sspm.c
+++ b/plat/mediatek/mt8183/drivers/sspm/sspm.c
@@ -149,7 +149,7 @@
while (sspm_ipi_recv_non_blocking(IPI_ID_PLATFORM,
&ipi_data,
- sizeof(ipi_data))
+ sizeof(ipi_data) / sizeof(uint32_t))
&& count) {
mdelay(100);
count--;
diff --git a/plat/qemu/common/qemu_pm.c b/plat/qemu/common/qemu_pm.c
index c4ffcf9..c2b5091 100644
--- a/plat/qemu/common/qemu_pm.c
+++ b/plat/qemu/common/qemu_pm.c
@@ -208,8 +208,8 @@
#ifdef SECURE_GPIO_BASE
ERROR("QEMU System Power off: with GPIO.\n");
gpio_set_direction(SECURE_GPIO_POWEROFF, GPIO_DIR_OUT);
- gpio_set_value(SECURE_GPIO_POWEROFF, GPIO_LEVEL_HIGH);
gpio_set_value(SECURE_GPIO_POWEROFF, GPIO_LEVEL_LOW);
+ gpio_set_value(SECURE_GPIO_POWEROFF, GPIO_LEVEL_HIGH);
#else
semihosting_exit(ADP_STOPPED_APPLICATION_EXIT, 0);
ERROR("QEMU System Off: semihosting call unexpectedly returned.\n");
@@ -222,8 +222,8 @@
ERROR("QEMU System Reset: with GPIO.\n");
#ifdef SECURE_GPIO_BASE
gpio_set_direction(SECURE_GPIO_RESET, GPIO_DIR_OUT);
- gpio_set_value(SECURE_GPIO_RESET, GPIO_LEVEL_HIGH);
gpio_set_value(SECURE_GPIO_RESET, GPIO_LEVEL_LOW);
+ gpio_set_value(SECURE_GPIO_RESET, GPIO_LEVEL_HIGH);
#else
ERROR("QEMU System Reset: operation not handled.\n");
#endif