Merge "doc: Stop advising the creation of Phabricator issues" into integration
diff --git a/Makefile b/Makefile
index f4589d9..05b2969 100644
--- a/Makefile
+++ b/Makefile
@@ -1135,7 +1135,7 @@
# Add Secure Partition packages
ifeq (${NEED_SP_PKG},yes)
$(BUILD_PLAT)/sp_gen.mk: ${SP_MK_GEN} ${SP_LAYOUT_FILE} | ${BUILD_PLAT}
- ${Q}${PYTHON} "$<" "$@" $(filter-out $<,$^) $(BUILD_PLAT)
+ ${Q}${PYTHON} "$<" "$@" $(filter-out $<,$^) $(BUILD_PLAT) ${COT}
sp: $(SPTOOL) $(DTBS) $(BUILD_PLAT)/sp_gen.mk
${Q}$(SPTOOL) $(SPTOOL_ARGS)
@${ECHO_BLANK_LINE}
diff --git a/drivers/auth/dualroot/cot.c b/drivers/auth/dualroot/cot.c
index 68f3d46..e1e47bc 100644
--- a/drivers/auth/dualroot/cot.c
+++ b/drivers/auth/dualroot/cot.c
@@ -743,29 +743,60 @@
.ptr = (void *)sp_pkg_hash_buf[3],
.len = (unsigned int)HASH_DER_LEN
}
+ }
+ }
+};
+
+DEFINE_SIP_SP_PKG(1);
+DEFINE_SIP_SP_PKG(2);
+DEFINE_SIP_SP_PKG(3);
+DEFINE_SIP_SP_PKG(4);
+
+static const auth_img_desc_t plat_sp_content_cert = {
+ .img_id = PLAT_SP_CONTENT_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = NULL,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &prot_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
},
- [4] = {
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &non_trusted_nv_ctr,
+ .plat_nv_ctr = &non_trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
.type_desc = &sp_pkg5_hash,
.data = {
.ptr = (void *)sp_pkg_hash_buf[4],
.len = (unsigned int)HASH_DER_LEN
}
},
- [5] = {
+ [1] = {
.type_desc = &sp_pkg6_hash,
.data = {
.ptr = (void *)sp_pkg_hash_buf[5],
.len = (unsigned int)HASH_DER_LEN
}
},
- [6] = {
+ [2] = {
.type_desc = &sp_pkg7_hash,
.data = {
.ptr = (void *)sp_pkg_hash_buf[6],
.len = (unsigned int)HASH_DER_LEN
}
},
- [7] = {
+ [3] = {
.type_desc = &sp_pkg8_hash,
.data = {
.ptr = (void *)sp_pkg_hash_buf[7],
@@ -775,14 +806,10 @@
}
};
-DEFINE_SIP_SP_PKG(1);
-DEFINE_SIP_SP_PKG(2);
-DEFINE_SIP_SP_PKG(3);
-DEFINE_SIP_SP_PKG(4);
-DEFINE_SIP_SP_PKG(5);
-DEFINE_SIP_SP_PKG(6);
-DEFINE_SIP_SP_PKG(7);
-DEFINE_SIP_SP_PKG(8);
+DEFINE_PLAT_SP_PKG(5);
+DEFINE_PLAT_SP_PKG(6);
+DEFINE_PLAT_SP_PKG(7);
+DEFINE_PLAT_SP_PKG(8);
#endif /* SPD_spmd */
#else /* IMAGE_BL2 */
@@ -915,6 +942,7 @@
[NT_FW_CONFIG_ID] = &nt_fw_config,
#if defined(SPD_spmd)
[SIP_SP_CONTENT_CERT_ID] = &sip_sp_content_cert,
+ [PLAT_SP_CONTENT_CERT_ID] = &plat_sp_content_cert,
[SP_PKG1_ID] = &sp_pkg1,
[SP_PKG2_ID] = &sp_pkg2,
[SP_PKG3_ID] = &sp_pkg3,
diff --git a/include/bl1/bl1.h b/include/bl1/bl1.h
index e6447f2..21d3ae7 100644
--- a/include/bl1/bl1.h
+++ b/include/bl1/bl1.h
@@ -26,8 +26,8 @@
/*
* BL1 SMC version
*/
-#define BL1_SMC_MAJOR_VER 0x0
-#define BL1_SMC_MINOR_VER 0x1
+#define BL1_SMC_MAJOR_VER UL(0x0)
+#define BL1_SMC_MINOR_VER UL(0x1)
/*
* Defines for FWU SMC function ids.
diff --git a/include/common/tbbr/tbbr_img_def.h b/include/common/tbbr/tbbr_img_def.h
index b29b135..bd125e6 100644
--- a/include/common/tbbr/tbbr_img_def.h
+++ b/include/common/tbbr/tbbr_img_def.h
@@ -11,16 +11,17 @@
#if defined(SPD_spmd)
#define SIP_SP_CONTENT_CERT_ID MAX_IMAGE_IDS
-#define SP_PKG1_ID (MAX_IMAGE_IDS + 1)
-#define SP_PKG2_ID (MAX_IMAGE_IDS + 2)
-#define SP_PKG3_ID (MAX_IMAGE_IDS + 3)
-#define SP_PKG4_ID (MAX_IMAGE_IDS + 4)
-#define SP_PKG5_ID (MAX_IMAGE_IDS + 5)
-#define SP_PKG6_ID (MAX_IMAGE_IDS + 6)
-#define SP_PKG7_ID (MAX_IMAGE_IDS + 7)
-#define SP_PKG8_ID (MAX_IMAGE_IDS + 8)
+#define PLAT_SP_CONTENT_CERT_ID (MAX_IMAGE_IDS + 1)
+#define SP_PKG1_ID (MAX_IMAGE_IDS + 2)
+#define SP_PKG2_ID (MAX_IMAGE_IDS + 3)
+#define SP_PKG3_ID (MAX_IMAGE_IDS + 4)
+#define SP_PKG4_ID (MAX_IMAGE_IDS + 5)
+#define SP_PKG5_ID (MAX_IMAGE_IDS + 6)
+#define SP_PKG6_ID (MAX_IMAGE_IDS + 7)
+#define SP_PKG7_ID (MAX_IMAGE_IDS + 8)
+#define SP_PKG8_ID (MAX_IMAGE_IDS + 9)
#define MAX_SP_IDS U(8)
-#define MAX_NUMBER_IDS (MAX_IMAGE_IDS + MAX_SP_IDS + U(1))
+#define MAX_NUMBER_IDS (MAX_IMAGE_IDS + MAX_SP_IDS + U(2))
#else
#define MAX_NUMBER_IDS MAX_IMAGE_IDS
#endif
diff --git a/include/drivers/auth/auth_mod.h b/include/drivers/auth/auth_mod.h
index 504e539..3965b58 100644
--- a/include/drivers/auth/auth_mod.h
+++ b/include/drivers/auth/auth_mod.h
@@ -51,11 +51,15 @@
extern unsigned int auth_img_flags[MAX_NUMBER_IDS];
#if defined(SPD_spmd)
-#define DEFINE_SIP_SP_PKG(n) \
+
+#define DEFINE_SIP_SP_PKG(n) DEFINE_SP_PKG(n, sip_sp_content_cert)
+#define DEFINE_PLAT_SP_PKG(n) DEFINE_SP_PKG(n, plat_sp_content_cert)
+
+#define DEFINE_SP_PKG(n, cert) \
static const auth_img_desc_t sp_pkg##n = { \
.img_id = SP_PKG##n##_ID, \
.img_type = IMG_RAW, \
- .parent = &sip_sp_content_cert, \
+ .parent = &cert, \
.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { \
[0] = { \
.type = AUTH_METHOD_HASH, \
@@ -66,6 +70,7 @@
} \
} \
}
+
#endif
#endif /* TRUSTED_BOARD_BOOT */
diff --git a/include/lib/smccc.h b/include/lib/smccc.h
index 26509ae..366f056 100644
--- a/include/lib/smccc.h
+++ b/include/lib/smccc.h
@@ -122,7 +122,8 @@
*/
#define DEFINE_SVC_UUID2(_name, _tl, _tm, _th, _cl, _ch, \
_n0, _n1, _n2, _n3, _n4, _n5) \
- CASSERT((uint32_t)(_tl) != (uint32_t)SMC_UNK, invalid_svc_uuid);\
+ CASSERT((uint32_t)(_tl) != (uint32_t)SMC_UNK, \
+ invalid_svc_uuid_##_name); \
static const uuid_t _name = { \
{((_tl) >> 24) & 0xFF, \
((_tl) >> 16) & 0xFF, \
diff --git a/include/plat/arm/common/fconf_arm_sp_getter.h b/include/plat/arm/common/fconf_arm_sp_getter.h
index 236254b..c6315be 100644
--- a/include/plat/arm/common/fconf_arm_sp_getter.h
+++ b/include/plat/arm/common/fconf_arm_sp_getter.h
@@ -14,11 +14,13 @@
#define arm__sp_getter(prop) arm_sp.prop
#define ARM_SP_MAX_SIZE U(0x80000)
+#define ARM_SP_OWNER_NAME_LEN U(8)
struct arm_sp_t {
unsigned int number_of_sp;
union uuid_helper_t uuids[MAX_SP_IDS];
uintptr_t load_addr[MAX_SP_IDS];
+ char owner[MAX_SP_IDS][ARM_SP_OWNER_NAME_LEN];
};
int fconf_populate_arm_sp(uintptr_t config);
diff --git a/include/tools_share/firmware_image_package.h b/include/tools_share/firmware_image_package.h
index 7342c0c..bcde04f 100644
--- a/include/tools_share/firmware_image_package.h
+++ b/include/tools_share/firmware_image_package.h
@@ -66,6 +66,8 @@
{{0x8e, 0xc4, 0xc1, 0xf3}, {0x5d, 0x63}, {0xe4, 0x11}, 0xa7, 0xa9, {0x87, 0xee, 0x40, 0xb2, 0x3f, 0xa7} }
#define UUID_SIP_SECURE_PARTITION_CONTENT_CERT \
{{0x77, 0x6d, 0xfd, 0x44}, {0x86, 0x97}, {0x4c, 0x3b}, 0x91, 0xeb, {0xc1, 0x3e, 0x02, 0x5a, 0x2a, 0x6f} }
+#define UUID_PLAT_SECURE_PARTITION_CONTENT_CERT \
+ {{0xdd, 0xcb, 0xbf, 0x4a}, {0xca, 0xd6}, {0x11, 0xea}, 0x87, 0xd0, {0x02, 0x42, 0xac, 0x13, 0x00, 0x03} }
/* Dynamic configs */
#define UUID_HW_CONFIG \
{{0x08, 0xb8, 0xf1, 0xd9}, {0xc9, 0xcf}, {0x93, 0x49}, 0xa9, 0x62, {0x6f, 0xbc, 0x6b, 0x72, 0x65, 0xcc} }
diff --git a/lib/cpus/aarch64/denver.S b/lib/cpus/aarch64/denver.S
index c050b02..bdca4c3 100644
--- a/lib/cpus/aarch64/denver.S
+++ b/lib/cpus/aarch64/denver.S
@@ -27,8 +27,6 @@
* table.
* -------------------------------------------------
*/
- .globl workaround_bpflush_runtime_exceptions
-
vector_base workaround_bpflush_runtime_exceptions
.macro apply_workaround
diff --git a/lib/debugfs/devfip.c b/lib/debugfs/devfip.c
index b0ee39a..d8b83b7 100644
--- a/lib/debugfs/devfip.c
+++ b/lib/debugfs/devfip.c
@@ -76,7 +76,8 @@
{"fw.cfg", UUID_FW_CONFIG},
{"rot-k.crt", UUID_ROT_KEY_CERT},
{"nt-k.crt", UUID_NON_TRUSTED_WORLD_KEY_CERT},
- {"sip-sp.crt", UUID_SIP_SECURE_PARTITION_CONTENT_CERT}
+ {"sip-sp.crt", UUID_SIP_SECURE_PARTITION_CONTENT_CERT},
+ {"plat-sp.crt", UUID_PLAT_SECURE_PARTITION_CONTENT_CERT}
};
/*******************************************************************************
diff --git a/lib/extensions/amu/aarch32/amu.c b/lib/extensions/amu/aarch32/amu.c
index 7e004de..0f75f07 100644
--- a/lib/extensions/amu/aarch32/amu.c
+++ b/lib/extensions/amu/aarch32/amu.c
@@ -44,7 +44,6 @@
void amu_enable(bool el2_unused)
{
if (!amu_supported()) {
- INFO("AMU is not implemented\n");
return;
}
diff --git a/lib/extensions/amu/aarch64/amu.c b/lib/extensions/amu/aarch64/amu.c
index 28529f4..4997363 100644
--- a/lib/extensions/amu/aarch64/amu.c
+++ b/lib/extensions/amu/aarch64/amu.c
@@ -46,7 +46,6 @@
uint64_t v;
if (!amu_supported()) {
- INFO("AMU is not implemented\n");
return;
}
diff --git a/make_helpers/tbbr/tbbr_tools.mk b/make_helpers/tbbr/tbbr_tools.mk
index 9520934..9c92d3f 100644
--- a/make_helpers/tbbr/tbbr_tools.mk
+++ b/make_helpers/tbbr/tbbr_tools.mk
@@ -103,4 +103,7 @@
# Add SiP owned Secure Partitions CoT (image cert)
ifneq (${SP_LAYOUT_FILE},)
$(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/sip_sp_content.crt,--sip-sp-cert))
+ifeq (${COT},dualroot)
+ $(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/plat_sp_content.crt,--plat-sp-cert))
+endif
endif
diff --git a/plat/arm/board/a5ds/a5ds_err.c b/plat/arm/board/a5ds/a5ds_err.c
index 65b41dd..feb9fdf 100644
--- a/plat/arm/board/a5ds/a5ds_err.c
+++ b/plat/arm/board/a5ds/a5ds_err.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,7 +11,7 @@
*/
void __dead2 plat_arm_error_handler(int err)
{
- while (1) {
+ while (true) {
wfi();
}
}
diff --git a/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts b/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
index 280a64a..1ee7285 100644
--- a/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
+++ b/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
@@ -84,11 +84,13 @@
cactus-primary {
uuid = <0x1e67b5b4 0xe14f904a 0x13fb1fb8 0xcbdae1da>;
load-address = <0x7000000>;
+ owner = "SiP";
};
cactus-secondary {
uuid = <0x092358d1 0xb94723f0 0x64447c82 0xc88f57f5>;
load-address = <0x7100000>;
+ owner = "Plat";
};
#endif
};
diff --git a/plat/arm/board/fvp/fvp_bl1_setup.c b/plat/arm/board/fvp/fvp_bl1_setup.c
index 0e77c4d..e713bbc 100644
--- a/plat/arm/board/fvp/fvp_bl1_setup.c
+++ b/plat/arm/board/fvp/fvp_bl1_setup.c
@@ -64,7 +64,7 @@
/* Setup the watchdog to reset the system as soon as possible */
sp805_refresh(ARM_SP805_TWDG_BASE, 1U);
- while (1)
+ while (true)
wfi();
}
diff --git a/plat/arm/board/fvp_ve/fvp_ve_err.c b/plat/arm/board/fvp_ve/fvp_ve_err.c
index 7f9d2f7..8d35688 100644
--- a/plat/arm/board/fvp_ve/fvp_ve_err.c
+++ b/plat/arm/board/fvp_ve/fvp_ve_err.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,7 +11,7 @@
*/
void __dead2 plat_arm_error_handler(int err)
{
- while (1) {
+ while (true) {
wfi();
}
}
diff --git a/plat/arm/board/juno/juno_bl1_setup.c b/plat/arm/board/juno/juno_bl1_setup.c
index 25a27da..2234055 100644
--- a/plat/arm/board/juno/juno_bl1_setup.c
+++ b/plat/arm/board/juno/juno_bl1_setup.c
@@ -97,7 +97,7 @@
/* Setup the watchdog to reset the system as soon as possible */
sp805_refresh(ARM_SP805_TWDG_BASE, 1U);
- while (1)
+ while (true)
wfi();
}
diff --git a/plat/arm/board/rde1edge/rde1edge_err.c b/plat/arm/board/rde1edge/rde1edge_err.c
index e344d82..c72c18c 100644
--- a/plat/arm/board/rde1edge/rde1edge_err.c
+++ b/plat/arm/board/rde1edge/rde1edge_err.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,7 +11,7 @@
*/
void __dead2 plat_arm_error_handler(int err)
{
- while (1) {
+ while (true) {
wfi();
}
}
diff --git a/plat/arm/board/rdn1edge/rdn1edge_err.c b/plat/arm/board/rdn1edge/rdn1edge_err.c
index cdcbf25..46d318c 100644
--- a/plat/arm/board/rdn1edge/rdn1edge_err.c
+++ b/plat/arm/board/rdn1edge/rdn1edge_err.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,7 +11,7 @@
*/
void __dead2 plat_arm_error_handler(int err)
{
- while (1) {
+ while (true) {
wfi();
}
}
diff --git a/plat/arm/board/sgi575/sgi575_err.c b/plat/arm/board/sgi575/sgi575_err.c
index c1cc1a7..21bfcb7 100644
--- a/plat/arm/board/sgi575/sgi575_err.c
+++ b/plat/arm/board/sgi575/sgi575_err.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,7 +11,7 @@
*/
void __dead2 plat_arm_error_handler(int err)
{
- while (1) {
+ while (true) {
wfi();
}
}
diff --git a/plat/arm/board/sgm775/sgm775_err.c b/plat/arm/board/sgm775/sgm775_err.c
index e1e0586..dc114f0 100644
--- a/plat/arm/board/sgm775/sgm775_err.c
+++ b/plat/arm/board/sgm775/sgm775_err.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,7 +11,7 @@
*/
void __dead2 plat_arm_error_handler(int err)
{
- while (1) {
+ while (true) {
wfi();
}
}
diff --git a/plat/arm/board/tc0/tc0_err.c b/plat/arm/board/tc0/tc0_err.c
index 4fc0505..83f2e9f 100644
--- a/plat/arm/board/tc0/tc0_err.c
+++ b/plat/arm/board/tc0/tc0_err.c
@@ -11,7 +11,7 @@
*/
void __dead2 plat_arm_error_handler(int err)
{
- while (1) {
+ while (true) {
wfi();
}
}
diff --git a/plat/arm/common/arm_bl2_setup.c b/plat/arm/common/arm_bl2_setup.c
index 60d8f6e..c90e93c 100644
--- a/plat/arm/common/arm_bl2_setup.c
+++ b/plat/arm/common/arm_bl2_setup.c
@@ -27,7 +27,7 @@
static meminfo_t bl2_tzram_layout __aligned(CACHE_WRITEBACK_GRANULE);
/* Base address of fw_config received from BL1 */
-static uintptr_t fw_config_base;
+static uintptr_t config_base;
/*
* Check that BL2_BASE is above ARM_FW_CONFIG_LIMIT. This reserved page is
@@ -66,7 +66,7 @@
/* Setup the BL2 memory layout */
bl2_tzram_layout = *mem_layout;
- fw_config_base = fw_config;
+ config_base = fw_config;
/* Initialise the IO layer and register platform IO devices */
plat_arm_io_setup();
@@ -152,7 +152,7 @@
arm_bl2_plat_arch_setup();
/* Fill the properties struct with the info from the config dtb */
- fconf_populate("FW_CONFIG", fw_config_base);
+ fconf_populate("FW_CONFIG", config_base);
/* TB_FW_CONFIG was also loaded by BL1 */
tb_fw_config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, TB_FW_CONFIG_ID);
diff --git a/plat/arm/common/fconf/arm_fconf_io.c b/plat/arm/common/fconf/arm_fconf_io.c
index 350ecd1..5f125d3 100644
--- a/plat/arm/common/fconf/arm_fconf_io.c
+++ b/plat/arm/common/fconf/arm_fconf_io.c
@@ -52,6 +52,7 @@
[NON_TRUSTED_FW_CONTENT_CERT_ID] = {UUID_NON_TRUSTED_FW_CONTENT_CERT},
#if defined(SPD_spmd)
[SIP_SP_CONTENT_CERT_ID] = {UUID_SIP_SECURE_PARTITION_CONTENT_CERT},
+ [PLAT_SP_CONTENT_CERT_ID] = {UUID_PLAT_SECURE_PARTITION_CONTENT_CERT},
#endif
#endif /* ARM_IO_IN_DTB */
#endif /* TRUSTED_BOARD_BOOT */
@@ -189,6 +190,11 @@
(uintptr_t)&arm_uuid_spec[SIP_SP_CONTENT_CERT_ID],
open_fip
},
+ [PLAT_SP_CONTENT_CERT_ID] = {
+ &fip_dev_handle,
+ (uintptr_t)&arm_uuid_spec[PLAT_SP_CONTENT_CERT_ID],
+ open_fip
+ },
#endif
#endif /* ARM_IO_IN_DTB */
#endif /* TRUSTED_BOARD_BOOT */
@@ -197,7 +203,7 @@
#ifdef IMAGE_BL2
#if TRUSTED_BOARD_BOOT
-#define FCONF_ARM_IO_UUID_NUMBER U(20)
+#define FCONF_ARM_IO_UUID_NUMBER U(21)
#else
#define FCONF_ARM_IO_UUID_NUMBER U(10)
#endif
@@ -234,6 +240,7 @@
{NON_TRUSTED_FW_CONTENT_CERT_ID, "nt_fw_content_cert_uuid"},
#if defined(SPD_spmd)
{SIP_SP_CONTENT_CERT_ID, "sip_sp_content_cert_uuid"},
+ {PLAT_SP_CONTENT_CERT_ID, "plat_sp_content_cert_uuid"},
#endif
#endif /* TRUSTED_BOARD_BOOT */
};
diff --git a/plat/arm/common/fconf/arm_fconf_sp.c b/plat/arm/common/fconf/arm_fconf_sp.c
index 4459264..50a9dd4 100644
--- a/plat/arm/common/fconf/arm_fconf_sp.c
+++ b/plat/arm/common/fconf/arm_fconf_sp.c
@@ -30,7 +30,13 @@
union uuid_helper_t uuid_helper;
unsigned int index = 0;
uint32_t val32;
- const unsigned int sp_start_index = SP_PKG1_ID;
+ bool is_plat_owned = false;
+ const unsigned int sip_start = SP_PKG1_ID;
+ unsigned int sip_index = sip_start;
+ const unsigned int sip_end = sip_start + MAX_SP_IDS / 2;
+ const unsigned int plat_start = SP_PKG5_ID;
+ unsigned int plat_index = plat_start;
+ const unsigned int plat_end = plat_start + MAX_SP_IDS / 2;
/* As libfdt use void *, we can't avoid this cast */
const void *dtb = (void *)config;
@@ -45,27 +51,20 @@
}
fdt_for_each_subnode(sp_node, dtb, node) {
- if (index == MAX_SP_IDS) {
+ if ((index == MAX_SP_IDS) || (sip_index == sip_end)
+ || (plat_index == plat_end)) {
ERROR("FCONF: Reached max number of SPs\n");
return -1;
}
+ /* Read UUID */
err = fdt_read_uint32_array(dtb, sp_node, "uuid", 4,
uuid_helper.word);
if (err < 0) {
ERROR("FCONF: cannot read SP uuid\n");
return -1;
}
-
arm_sp.uuids[index] = uuid_helper;
-
- err = fdt_read_uint32(dtb, sp_node, "load-address", &val32);
- if (err < 0) {
- ERROR("FCONF: cannot read SP load address\n");
- return -1;
- }
- arm_sp.load_addr[index] = val32;
-
VERBOSE("FCONF: %s UUID %x-%x-%x-%x load_addr=%lx\n",
__func__,
uuid_helper.word[0],
@@ -74,8 +73,52 @@
uuid_helper.word[3],
arm_sp.load_addr[index]);
+ /* Read Load address */
+ err = fdt_read_uint32(dtb, sp_node, "load-address", &val32);
+ if (err < 0) {
+ ERROR("FCONF: cannot read SP load address\n");
+ return -1;
+ }
+ arm_sp.load_addr[index] = val32;
+
- /* Add SP information in mem param descriptor */
- sp_mem_params_descs[index].image_id = sp_start_index + index;
+ /* Read owner field only for dualroot CoT */
+#if defined(ARM_COT_dualroot)
+ /* Owner is an optional field, no need to catch error */
+ fdtw_read_string(dtb, sp_node, "owner",
+ arm_sp.owner[index], ARM_SP_OWNER_NAME_LEN);
+#endif
+ /* If owner is empty mark it as SiP owned */
+ if ((strncmp(arm_sp.owner[index], "SiP",
+ ARM_SP_OWNER_NAME_LEN) == 0) ||
+ (strncmp(arm_sp.owner[index], "",
+ ARM_SP_OWNER_NAME_LEN) == 0)) {
+ is_plat_owned = false;
+ } else if (strcmp(arm_sp.owner[index], "Plat") == 0) {
+ is_plat_owned = true;
+ } else {
+ ERROR("FCONF: %s is not a valid SP owner\n",
+ arm_sp.owner[index]);
+ return -1;
+ }
+ /*
+ * Add SP information in mem param descriptor and IO policies
+ * structure.
+ */
+ if (is_plat_owned) {
+ sp_mem_params_descs[index].image_id = plat_index;
+ policies[plat_index].image_spec =
+ (uintptr_t)&arm_sp.uuids[index];
+ policies[plat_index].dev_handle = &fip_dev_handle;
+ policies[plat_index].check = open_fip;
+ plat_index++;
+ } else {
+ sp_mem_params_descs[index].image_id = sip_index;
+ policies[sip_index].image_spec =
+ (uintptr_t)&arm_sp.uuids[index];
+ policies[sip_index].dev_handle = &fip_dev_handle;
+ policies[sip_index].check = open_fip;
+ sip_index++;
+ }
SET_PARAM_HEAD(&sp_mem_params_descs[index].image_info,
PARAM_IMAGE_BINARY, VERSION_2, 0);
sp_mem_params_descs[index].image_info.image_max_size =
@@ -84,13 +127,6 @@
INVALID_IMAGE_ID;
sp_mem_params_descs[index].image_info.image_base =
arm_sp.load_addr[index];
-
- /* Add SP information in IO policies structure */
- policies[sp_start_index + index].image_spec =
- (uintptr_t)&arm_sp.uuids[index];
- policies[sp_start_index + index].dev_handle = &fip_dev_handle;
- policies[sp_start_index + index].check = open_fip;
-
index++;
}
diff --git a/plat/common/plat_bl1_common.c b/plat/common/plat_bl1_common.c
index 2baa29a..1c6d68b 100644
--- a/plat/common/plat_bl1_common.c
+++ b/plat/common/plat_bl1_common.c
@@ -60,7 +60,7 @@
__dead2 void bl1_plat_fwu_done(void *client_cookie, void *reserved)
{
- while (1)
+ while (true)
wfi();
}
@@ -83,8 +83,8 @@
*/
int bl1_plat_handle_post_image_load(unsigned int image_id)
{
- meminfo_t *bl2_tzram_layout;
- meminfo_t *bl1_tzram_layout;
+ meminfo_t *bl2_secram_layout;
+ meminfo_t *bl1_secram_layout;
image_desc_t *image_desc;
entry_point_info_t *ep_info;
@@ -99,7 +99,7 @@
ep_info = &image_desc->ep_info;
/* Find out how much free trusted ram remains after BL1 load */
- bl1_tzram_layout = bl1_plat_sec_mem_layout();
+ bl1_secram_layout = bl1_plat_sec_mem_layout();
/*
* Create a new layout of memory for BL2 as seen by BL1 i.e.
@@ -108,14 +108,14 @@
* to BL2. BL2 will read the memory layout before using its
* memory for other purposes.
*/
- bl2_tzram_layout = (meminfo_t *) bl1_tzram_layout->total_base;
+ bl2_secram_layout = (meminfo_t *) bl1_secram_layout->total_base;
- bl1_calc_bl2_mem_layout(bl1_tzram_layout, bl2_tzram_layout);
+ bl1_calc_bl2_mem_layout(bl1_secram_layout, bl2_secram_layout);
- ep_info->args.arg1 = (uintptr_t)bl2_tzram_layout;
+ ep_info->args.arg1 = (uintptr_t)bl2_secram_layout;
VERBOSE("BL1: BL2 memory layout address = %p\n",
- (void *) bl2_tzram_layout);
+ (void *) bl2_secram_layout);
return 0;
}
diff --git a/plat/nvidia/tegra/common/tegra_bl31_setup.c b/plat/nvidia/tegra/common/tegra_bl31_setup.c
index 40713b2..e56909d 100644
--- a/plat/nvidia/tegra/common/tegra_bl31_setup.c
+++ b/plat/nvidia/tegra/common/tegra_bl31_setup.c
@@ -248,12 +248,6 @@
tegra_memctrl_setup();
/*
- * Set up the TZRAM memory aperture to allow only secure world
- * access
- */
- tegra_memctrl_tzram_setup(TEGRA_TZRAM_BASE, TEGRA_TZRAM_SIZE);
-
- /*
* Late setup handler to allow platforms to performs additional
* functionality.
* This handler gets called with MMU enabled.
diff --git a/plat/nvidia/tegra/common/tegra_common.mk b/plat/nvidia/tegra/common/tegra_common.mk
index f412a80..bb8bd7d 100644
--- a/plat/nvidia/tegra/common/tegra_common.mk
+++ b/plat/nvidia/tegra/common/tegra_common.mk
@@ -12,37 +12,46 @@
include lib/xlat_tables_v2/xlat_tables.mk
PLAT_BL_COMMON_SOURCES += ${XLAT_TABLES_LIB_SRCS}
-COMMON_DIR := plat/nvidia/tegra/common
+TEGRA_COMMON := plat/nvidia/tegra/common
+TEGRA_DRIVERS := plat/nvidia/tegra/drivers
+TEGRA_LIBS := plat/nvidia/tegra/lib
# Include GICv3 driver files
include drivers/arm/gic/v3/gicv3.mk
TEGRA_GICv3_SOURCES := $(GICV3_SOURCES) \
plat/common/plat_gicv3.c \
- ${COMMON_DIR}/tegra_gicv3.c
+ ${TEGRA_COMMON}/tegra_gicv3.c
# Include GICv2 driver files
include drivers/arm/gic/v2/gicv2.mk
TEGRA_GICv2_SOURCES := ${GICV2_SOURCES} \
plat/common/plat_gicv2.c \
- ${COMMON_DIR}/tegra_gicv2.c
+ ${TEGRA_COMMON}/tegra_gicv2.c
+
+TEGRA_GICv3_SOURCES := drivers/arm/gic/common/gic_common.c \
+ drivers/arm/gic/v3/arm_gicv3_common.c \
+ drivers/arm/gic/v3/gicv3_main.c \
+ drivers/arm/gic/v3/gicv3_helpers.c \
+ plat/common/plat_gicv3.c \
+ ${TEGRA_COMMON}/tegra_gicv3.c
BL31_SOURCES += drivers/delay_timer/delay_timer.c \
drivers/io/io_storage.c \
plat/common/aarch64/crash_console_helpers.S \
${TEGRA_GICv2_SOURCES} \
- ${COMMON_DIR}/aarch64/tegra_helpers.S \
- ${COMMON_DIR}/lib/debug/profiler.c \
- ${COMMON_DIR}/tegra_bl31_setup.c \
- ${COMMON_DIR}/tegra_delay_timer.c \
- ${COMMON_DIR}/tegra_ehf.c \
- ${COMMON_DIR}/tegra_fiq_glue.c \
- ${COMMON_DIR}/tegra_io_storage.c \
- ${COMMON_DIR}/tegra_platform.c \
- ${COMMON_DIR}/tegra_pm.c \
- ${COMMON_DIR}/tegra_sip_calls.c \
- ${COMMON_DIR}/tegra_sdei.c
+ ${TEGRA_COMMON}/aarch64/tegra_helpers.S \
+ ${TEGRA_LIBS}/debug/profiler.c \
+ ${TEGRA_COMMON}/tegra_bl31_setup.c \
+ ${TEGRA_COMMON}/tegra_delay_timer.c \
+ ${TEGRA_COMMON}/tegra_ehf.c \
+ ${TEGRA_COMMON}/tegra_fiq_glue.c \
+ ${TEGRA_COMMON}/tegra_io_storage.c \
+ ${TEGRA_COMMON}/tegra_platform.c \
+ ${TEGRA_COMMON}/tegra_pm.c \
+ ${TEGRA_COMMON}/tegra_sip_calls.c \
+ ${TEGRA_COMMON}/tegra_sdei.c
ifneq ($(ENABLE_STACK_PROTECTOR), 0)
-BL31_SOURCES += ${COMMON_DIR}/tegra_stack_protector.c
+BL31_SOURCES += ${TEGRA_COMMON}/tegra_stack_protector.c
endif
diff --git a/plat/nvidia/tegra/common/tegra_pm.c b/plat/nvidia/tegra/common/tegra_pm.c
index 0430048..78e96cf 100644
--- a/plat/nvidia/tegra/common/tegra_pm.c
+++ b/plat/nvidia/tegra/common/tegra_pm.c
@@ -180,11 +180,6 @@
tegra_memctrl_tzdram_setup(plat_params->tzdram_base,
(uint32_t)plat_params->tzdram_size);
- /*
- * Set up the TZRAM memory aperture to allow only secure world
- * access
- */
- tegra_memctrl_tzram_setup(TEGRA_TZRAM_BASE, TEGRA_TZRAM_SIZE);
} else {
/*
* Initialize the GIC cpu and distributor interfaces
diff --git a/plat/nvidia/tegra/common/drivers/bpmp/bpmp.c b/plat/nvidia/tegra/drivers/bpmp/bpmp.c
similarity index 100%
rename from plat/nvidia/tegra/common/drivers/bpmp/bpmp.c
rename to plat/nvidia/tegra/drivers/bpmp/bpmp.c
diff --git a/plat/nvidia/tegra/common/drivers/bpmp_ipc/intf.c b/plat/nvidia/tegra/drivers/bpmp_ipc/intf.c
similarity index 100%
rename from plat/nvidia/tegra/common/drivers/bpmp_ipc/intf.c
rename to plat/nvidia/tegra/drivers/bpmp_ipc/intf.c
diff --git a/plat/nvidia/tegra/common/drivers/bpmp_ipc/intf.h b/plat/nvidia/tegra/drivers/bpmp_ipc/intf.h
similarity index 100%
rename from plat/nvidia/tegra/common/drivers/bpmp_ipc/intf.h
rename to plat/nvidia/tegra/drivers/bpmp_ipc/intf.h
diff --git a/plat/nvidia/tegra/common/drivers/bpmp_ipc/ivc.c b/plat/nvidia/tegra/drivers/bpmp_ipc/ivc.c
similarity index 100%
rename from plat/nvidia/tegra/common/drivers/bpmp_ipc/ivc.c
rename to plat/nvidia/tegra/drivers/bpmp_ipc/ivc.c
diff --git a/plat/nvidia/tegra/common/drivers/bpmp_ipc/ivc.h b/plat/nvidia/tegra/drivers/bpmp_ipc/ivc.h
similarity index 100%
rename from plat/nvidia/tegra/common/drivers/bpmp_ipc/ivc.h
rename to plat/nvidia/tegra/drivers/bpmp_ipc/ivc.h
diff --git a/plat/nvidia/tegra/common/drivers/flowctrl/flowctrl.c b/plat/nvidia/tegra/drivers/flowctrl/flowctrl.c
similarity index 100%
rename from plat/nvidia/tegra/common/drivers/flowctrl/flowctrl.c
rename to plat/nvidia/tegra/drivers/flowctrl/flowctrl.c
diff --git a/plat/nvidia/tegra/common/drivers/gpcdma/gpcdma.c b/plat/nvidia/tegra/drivers/gpcdma/gpcdma.c
similarity index 100%
rename from plat/nvidia/tegra/common/drivers/gpcdma/gpcdma.c
rename to plat/nvidia/tegra/drivers/gpcdma/gpcdma.c
diff --git a/plat/nvidia/tegra/common/drivers/memctrl/memctrl_v1.c b/plat/nvidia/tegra/drivers/memctrl/memctrl_v1.c
similarity index 95%
rename from plat/nvidia/tegra/common/drivers/memctrl/memctrl_v1.c
rename to plat/nvidia/tegra/drivers/memctrl/memctrl_v1.c
index c3f95db..b3dcd2a 100644
--- a/plat/nvidia/tegra/common/drivers/memctrl/memctrl_v1.c
+++ b/plat/nvidia/tegra/drivers/memctrl/memctrl_v1.c
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -92,20 +93,6 @@
tegra_mc_write_32(MC_SECURITY_CFG1_0, size_in_bytes >> 20);
}
-/*
- * Secure the BL31 TZRAM aperture.
- *
- * phys_base = physical base of TZRAM aperture
- * size_in_bytes = size of aperture in bytes
- */
-void tegra_memctrl_tzram_setup(uint64_t phys_base, uint32_t size_in_bytes)
-{
- /*
- * The v1 hardware controller does not have any registers
- * for setting up the on-chip TZRAM.
- */
-}
-
static void tegra_clear_videomem(uintptr_t non_overlap_area_start,
unsigned long long non_overlap_area_size)
{
diff --git a/plat/nvidia/tegra/common/drivers/memctrl/memctrl_v2.c b/plat/nvidia/tegra/drivers/memctrl/memctrl_v2.c
similarity index 100%
rename from plat/nvidia/tegra/common/drivers/memctrl/memctrl_v2.c
rename to plat/nvidia/tegra/drivers/memctrl/memctrl_v2.c
diff --git a/plat/nvidia/tegra/common/drivers/pmc/pmc.c b/plat/nvidia/tegra/drivers/pmc/pmc.c
similarity index 100%
rename from plat/nvidia/tegra/common/drivers/pmc/pmc.c
rename to plat/nvidia/tegra/drivers/pmc/pmc.c
diff --git a/plat/nvidia/tegra/common/drivers/smmu/smmu.c b/plat/nvidia/tegra/drivers/smmu/smmu.c
similarity index 100%
rename from plat/nvidia/tegra/common/drivers/smmu/smmu.c
rename to plat/nvidia/tegra/drivers/smmu/smmu.c
diff --git a/plat/nvidia/tegra/common/drivers/spe/shared_console.S b/plat/nvidia/tegra/drivers/spe/shared_console.S
similarity index 100%
rename from plat/nvidia/tegra/common/drivers/spe/shared_console.S
rename to plat/nvidia/tegra/drivers/spe/shared_console.S
diff --git a/plat/nvidia/tegra/include/drivers/memctrl.h b/plat/nvidia/tegra/include/drivers/memctrl.h
index d5ef60d..cc85095 100644
--- a/plat/nvidia/tegra/include/drivers/memctrl.h
+++ b/plat/nvidia/tegra/include/drivers/memctrl.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -10,7 +11,6 @@
void tegra_memctrl_setup(void);
void tegra_memctrl_restore_settings(void);
void tegra_memctrl_tzdram_setup(uint64_t phys_base, uint32_t size_in_bytes);
-void tegra_memctrl_tzram_setup(uint64_t phys_base, uint32_t size_in_bytes);
void tegra_memctrl_videomem_setup(uint64_t phys_base, uint32_t size_in_bytes);
void tegra_memctrl_disable_ahb_redirection(void);
void tegra_memctrl_clear_pending_interrupts(void);
diff --git a/plat/nvidia/tegra/common/lib/debug/profiler.c b/plat/nvidia/tegra/lib/debug/profiler.c
similarity index 100%
rename from plat/nvidia/tegra/common/lib/debug/profiler.c
rename to plat/nvidia/tegra/lib/debug/profiler.c
diff --git a/plat/nvidia/tegra/soc/t132/platform_t132.mk b/plat/nvidia/tegra/soc/t132/platform_t132.mk
index 16bd0ea..3d76be9 100644
--- a/plat/nvidia/tegra/soc/t132/platform_t132.mk
+++ b/plat/nvidia/tegra/soc/t132/platform_t132.mk
@@ -25,9 +25,9 @@
BL31_SOURCES += drivers/ti/uart/aarch64/16550_console.S \
lib/cpus/aarch64/denver.S \
- ${COMMON_DIR}/drivers/flowctrl/flowctrl.c \
- ${COMMON_DIR}/drivers/memctrl/memctrl_v1.c \
- ${COMMON_DIR}/drivers/pmc/pmc.c \
+ ${TEGRA_DRIVERS}/flowctrl/flowctrl.c \
+ ${TEGRA_DRIVERS}/memctrl/memctrl_v1.c \
+ ${TEGRA_DRIVERS}/pmc/pmc.c \
${SOC_DIR}/plat_psci_handlers.c \
${SOC_DIR}/plat_sip_calls.c \
${SOC_DIR}/plat_setup.c \
diff --git a/plat/nvidia/tegra/soc/t186/platform_t186.mk b/plat/nvidia/tegra/soc/t186/platform_t186.mk
index d320aac..6739c50 100644
--- a/plat/nvidia/tegra/soc/t186/platform_t186.mk
+++ b/plat/nvidia/tegra/soc/t186/platform_t186.mk
@@ -43,16 +43,16 @@
BL31_SOURCES += drivers/ti/uart/aarch64/16550_console.S \
lib/cpus/aarch64/denver.S \
lib/cpus/aarch64/cortex_a57.S \
- ${COMMON_DIR}/drivers/bpmp_ipc/intf.c \
- ${COMMON_DIR}/drivers/bpmp_ipc/ivc.c \
- ${COMMON_DIR}/drivers/gpcdma/gpcdma.c \
- ${COMMON_DIR}/drivers/memctrl/memctrl_v2.c \
- ${COMMON_DIR}/drivers/smmu/smmu.c \
+ ${TEGRA_DRIVERS}/bpmp_ipc/intf.c \
+ ${TEGRA_DRIVERS}/bpmp_ipc/ivc.c \
+ ${TEGRA_DRIVERS}/gpcdma/gpcdma.c \
+ ${TEGRA_DRIVERS}/memctrl/memctrl_v2.c \
+ ${TEGRA_DRIVERS}/smmu/smmu.c \
${SOC_DIR}/drivers/mce/mce.c \
${SOC_DIR}/drivers/mce/ari.c \
${SOC_DIR}/drivers/mce/nvg.c \
${SOC_DIR}/drivers/mce/aarch64/nvg_helpers.S \
- $(SOC_DIR)/drivers/se/se.c \
+ $(SOC_DIR)/drivers/se/se.c \
${SOC_DIR}/plat_memctrl.c \
${SOC_DIR}/plat_psci_handlers.c \
${SOC_DIR}/plat_setup.c \
diff --git a/plat/nvidia/tegra/soc/t194/platform_t194.mk b/plat/nvidia/tegra/soc/t194/platform_t194.mk
index d7d15f5..7573ed2 100644
--- a/plat/nvidia/tegra/soc/t194/platform_t194.mk
+++ b/plat/nvidia/tegra/soc/t194/platform_t194.mk
@@ -40,11 +40,10 @@
BL31_SOURCES += drivers/ti/uart/aarch64/16550_console.S \
lib/cpus/aarch64/denver.S \
- ${COMMON_DIR}/drivers/bpmp_ipc/intf.c \
- ${COMMON_DIR}/drivers/bpmp_ipc/ivc.c \
- ${COMMON_DIR}/drivers/gpcdma/gpcdma.c \
- ${COMMON_DIR}/drivers/memctrl/memctrl_v2.c \
- ${COMMON_DIR}/drivers/smmu/smmu.c \
+ ${TEGRA_DRIVERS}/bpmp_ipc/intf.c \
+ ${TEGRA_DRIVERS}/bpmp_ipc/ivc.c \
+ ${TEGRA_DRIVERS}/memctrl/memctrl_v2.c \
+ ${TEGRA_DRIVERS}/smmu/smmu.c \
${SOC_DIR}/drivers/mce/mce.c \
${SOC_DIR}/drivers/mce/nvg.c \
${SOC_DIR}/drivers/mce/aarch64/nvg_helpers.S \
@@ -57,8 +56,12 @@
${SOC_DIR}/plat_smmu.c \
${SOC_DIR}/plat_trampoline.S
+ifeq (${USE_GPC_DMA}, 1)
+BL31_SOURCES += ${TEGRA_DRIVERS}/gpcdma/gpcdma.c
+endif
+
ifeq (${ENABLE_CONSOLE_SPE},1)
-BL31_SOURCES += ${COMMON_DIR}/drivers/spe/shared_console.S
+BL31_SOURCES += ${TEGRA_DRIVERS}/spe/shared_console.S
endif
# RAS sources
diff --git a/plat/nvidia/tegra/soc/t210/platform_t210.mk b/plat/nvidia/tegra/soc/t210/platform_t210.mk
index 14e3324..6c4c175 100644
--- a/plat/nvidia/tegra/soc/t210/platform_t210.mk
+++ b/plat/nvidia/tegra/soc/t210/platform_t210.mk
@@ -25,20 +25,20 @@
ENABLE_TEGRA_WDT_LEGACY_FIQ_HANDLING := 1
-PLAT_INCLUDES += -Iplat/nvidia/tegra/include/t210 \
+PLAT_INCLUDES += -Iplat/nvidia/tegra/include/t210 \
-I${SOC_DIR}/drivers/se
BL31_SOURCES += drivers/ti/uart/aarch64/16550_console.S \
lib/cpus/aarch64/cortex_a53.S \
lib/cpus/aarch64/cortex_a57.S \
- ${COMMON_DIR}/drivers/bpmp/bpmp.c \
- ${COMMON_DIR}/drivers/flowctrl/flowctrl.c \
- ${COMMON_DIR}/drivers/memctrl/memctrl_v1.c \
- ${COMMON_DIR}/drivers/pmc/pmc.c \
+ ${TEGRA_DRIVERS}/bpmp/bpmp.c \
+ ${TEGRA_DRIVERS}/flowctrl/flowctrl.c \
+ ${TEGRA_DRIVERS}/memctrl/memctrl_v1.c \
+ ${TEGRA_DRIVERS}/pmc/pmc.c \
${SOC_DIR}/plat_psci_handlers.c \
${SOC_DIR}/plat_setup.c \
${SOC_DIR}/drivers/se/security_engine.c \
- ${SOC_DIR}/plat_secondary.c \
+ ${SOC_DIR}/plat_secondary.c \
${SOC_DIR}/plat_sip_calls.c
# Enable workarounds for selected Cortex-A57 erratas.
diff --git a/plat/qti/common/inc/qti_rng.h b/plat/qti/common/inc/qti_rng.h
new file mode 100644
index 0000000..c933dea
--- /dev/null
+++ b/plat/qti/common/inc/qti_rng.h
@@ -0,0 +1,14 @@
+/*
+ * Copyright (c) 2020, The Linux Foundation. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef QTI_RNG_H
+#define QTI_RNG_H
+
+#include <stdinit.h>
+
+int qti_rng_get_data(uint8_t *out, uint32_t out_len);
+
+#endif /* QTI_RNG_H */
diff --git a/plat/qti/common/src/qti_rng.c b/plat/qti/common/src/qti_rng.c
new file mode 100644
index 0000000..a904209
--- /dev/null
+++ b/plat/qti/common/src/qti_rng.c
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 2020, The Linux Foundation. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#include <stddef.h>
+#include <stdint.h>
+
+#include <lib/mmio.h>
+
+#include <qti_rng_io.h>
+
+int qti_rng_get_data(uint8_t *out, uint32_t out_len)
+{
+ uint32_t tmp_rndm = 0;
+ uint32_t bytes_left = out_len;
+ int i = 0;
+
+ if (NULL == out || 0 == out_len) {
+ return -1;
+ }
+
+ /*
+ * RNG HW initialized at previous boot image.
+ * RNG clocks are expected to be ON.
+ */
+
+ do {
+ /* There is no data to read */
+ if ((mmio_read_32(SEC_PRNG_STATUS) &
+ SEC_PRNG_STATUS_DATA_AVAIL_BMSK) == 0) {
+ continue;
+ }
+
+ while ((tmp_rndm = mmio_read_32(SEC_PRNG_DATA_OUT)) == 0) {
+ ;
+ }
+
+ for (i = 0; i < 4; i++) {
+ *out = (uint8_t) (tmp_rndm >> (8 * i));
+
+ out++;
+ bytes_left--;
+
+ if (bytes_left == 0) {
+ break;
+ }
+ }
+
+ } while (bytes_left != 0);
+
+ return 0;
+}
diff --git a/plat/qti/common/src/qti_stack_protector.c b/plat/qti/common/src/qti_stack_protector.c
index b2dbfb0..572830f 100644
--- a/plat/qti/common/src/qti_stack_protector.c
+++ b/plat/qti/common/src/qti_stack_protector.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2019, The Linux Foundation. All rights reserved.
+ * Copyright (c) 2018-2020, The Linux Foundation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -9,16 +9,18 @@
#include <platform.h>
#include <platform_def.h>
+#include <qti_rng.h>
#include <qtiseclib_interface.h>
u_register_t plat_get_stack_protector_canary(void)
{
u_register_t random = 0x0;
- /* get random data , the below API doesn't return random = 0 in success
- * case */
- qtiseclib_prng_get_data((uint8_t *) &random, sizeof(random));
- assert(0x0 != random);
+ /*
+ * get random data , the below API doesn't return random = 0 on success
+ */
+ qti_rng_get_data((uint8_t *) &random, sizeof(random));
+ assert(random != 0x0);
return random;
}
diff --git a/plat/qti/qtiseclib/inc/qtiseclib_interface.h b/plat/qti/qtiseclib/inc/qtiseclib_interface.h
index edabc5b..357bb6a 100644
--- a/plat/qti/qtiseclib/inc/qtiseclib_interface.h
+++ b/plat/qti/qtiseclib/inc/qtiseclib_interface.h
@@ -63,7 +63,6 @@
void qtiseclib_bl31_platform_setup(void);
void qtiseclib_invoke_isr(uint32_t irq, void *handle);
void qtiseclib_panic(void);
-int qtiseclib_prng_get_data(uint8_t *out, uint32_t out_len);
int qtiseclib_mem_assign(const memprot_info_t *mem_info,
uint32_t mem_info_list_cnt,
diff --git a/plat/qti/qtiseclib/src/qtiseclib_interface_stub.c b/plat/qti/qtiseclib/src/qtiseclib_interface_stub.c
index 494083b..70485fe 100644
--- a/plat/qti/qtiseclib/src/qtiseclib_interface_stub.c
+++ b/plat/qti/qtiseclib/src/qtiseclib_interface_stub.c
@@ -67,17 +67,6 @@
{
}
-int qtiseclib_prng_get_data(uint8_t *out, uint32_t out_len)
-{
- /* fill dummy data to avoid assert and print
- * stub implementation in setup call
- */
- for (int i = 0; i < out_len; i++) {
- out[i] = 0x11;
- }
- return 0;
-}
-
int
qtiseclib_mem_assign(const memprot_info_t *mem_info,
uint32_t mem_info_list_cnt,
diff --git a/plat/qti/sc7180/inc/qti_rng_io.h b/plat/qti/sc7180/inc/qti_rng_io.h
new file mode 100644
index 0000000..f50234f
--- /dev/null
+++ b/plat/qti/sc7180/inc/qti_rng_io.h
@@ -0,0 +1,15 @@
+/*
+ * Copyright (c) 2020, The Linux Foundation. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#ifndef QTI_RNG_IO_H
+#define QTI_RNG_IO_H
+
+#define SEC_PRNG_STATUS 0x00791004
+#define SEC_PRNG_STATUS_DATA_AVAIL_BMSK 0x1
+#define SEC_PRNG_DATA_OUT 0x00791000
+
+
+#endif /* QTI_RNG_IO_H */
+
diff --git a/plat/qti/sc7180/platform.mk b/plat/qti/sc7180/platform.mk
index 45e6b33..e551355 100644
--- a/plat/qti/sc7180/platform.mk
+++ b/plat/qti/sc7180/platform.mk
@@ -59,6 +59,7 @@
$(QTI_PLAT_PATH)/common/src/qti_syscall.c \
$(QTI_PLAT_PATH)/common/src/qti_topology.c \
$(QTI_PLAT_PATH)/common/src/qti_pm.c \
+ $(QTI_PLAT_PATH)/common/src/qti_rng.c \
$(QTI_PLAT_PATH)/qtiseclib/src/qtiseclib_cb_interface.c \
diff --git a/tools/cert_create/include/dualroot/cot.h b/tools/cert_create/include/dualroot/cot.h
index 1d959d4..3e50c89 100644
--- a/tools/cert_create/include/dualroot/cot.h
+++ b/tools/cert_create/include/dualroot/cot.h
@@ -23,6 +23,7 @@
/* Certificates owned by the platform owner. */
NON_TRUSTED_FW_CONTENT_CERT,
+ PLAT_SECURE_PARTITION_CONTENT_CERT,
};
/* Certificate extensions. */
diff --git a/tools/cert_create/src/dualroot/cot.c b/tools/cert_create/src/dualroot/cot.c
index a12ea21..4dd4cf0 100644
--- a/tools/cert_create/src/dualroot/cot.c
+++ b/tools/cert_create/src/dualroot/cot.c
@@ -152,12 +152,27 @@
SP_PKG2_HASH_EXT,
SP_PKG3_HASH_EXT,
SP_PKG4_HASH_EXT,
+ },
+ .num_ext = 5
+ },
+
+ [PLAT_SECURE_PARTITION_CONTENT_CERT] = {
+ .id = PLAT_SECURE_PARTITION_CONTENT_CERT,
+ .opt = "plat-sp-cert",
+ .help_msg = "Platform owned Secure Partition Content Certificate (output file)",
+ .fn = NULL,
+ .cn = "Platform owned Secure Partition Content Certificate",
+ .key = PROT_KEY,
+ .issuer = PLAT_SECURE_PARTITION_CONTENT_CERT,
+ .ext = {
+ NON_TRUSTED_FW_NVCOUNTER_EXT,
SP_PKG5_HASH_EXT,
SP_PKG6_HASH_EXT,
SP_PKG7_HASH_EXT,
SP_PKG8_HASH_EXT,
+ PROT_PK_EXT,
},
- .num_ext = 9
+ .num_ext = 6
},
[FWU_CERT] = {
diff --git a/tools/fiptool/tbbr_config.c b/tools/fiptool/tbbr_config.c
index bf721c1..c1e5217 100644
--- a/tools/fiptool/tbbr_config.c
+++ b/tools/fiptool/tbbr_config.c
@@ -162,6 +162,11 @@
.cmdline_name = "sip-sp-cert"
},
{
+ .name = "Platform owned Secure Partition content certificate",
+ .uuid = UUID_PLAT_SECURE_PARTITION_CONTENT_CERT,
+ .cmdline_name = "plat-sp-cert"
+ },
+ {
.name = NULL,
.uuid = { {0} },
.cmdline_name = NULL,
diff --git a/tools/sptool/sp_mk_generator.py b/tools/sptool/sp_mk_generator.py
index 2153a56..a37e702 100755
--- a/tools/sptool/sp_mk_generator.py
+++ b/tools/sptool/sp_mk_generator.py
@@ -19,6 +19,7 @@
param1: Generated mk file "sp_gen.mk"
param2: "SP_LAYOUT_FILE", json file containing platform provided information
param3: plat out directory
+param4: CoT parameter
Generated "sp_gen.mk" file contains triplet of following information for each
Secure Partition entry
@@ -58,11 +59,39 @@
gen_file = os.path.abspath(sys.argv[1])
out_dir = os.path.abspath(sys.argv[3])
dtb_dir = out_dir + "/fdts/"
+MAX_SP = 8
+dualroot = sys.argv[4].lower() == "dualroot"
+split = int(MAX_SP / 2)
print(dtb_dir)
+platform_count = 1
+sip_count = 1
with open(gen_file, 'w') as out_file:
for idx, key in enumerate(data.keys()):
+ pkg_num = idx + 1
+
+ if (pkg_num > MAX_SP):
+ print("WARNING: Too many secure partitions\n")
+ exit(-1)
+
+ if dualroot:
+ owner = data[key].get('owner')
+ if owner == "Plat":
+ if (platform_count > split):
+ print("WARNING: Maximum Secure partitions by Plat " +
+ "have been exceeded (" + str(split) + ")\n")
+ exit(-1)
+ pkg_num = split + platform_count
+ platform_count += 1
+ elif (sip_count > split):
+ print("WARNING: Maximum Secure partitions by SiP " +
+ "have been exceeded (" + str(split) + ")\n")
+ exit(-1)
+ else:
+ pkg_num = sip_count
+ sip_count += 1
+
"""
Append FDT_SOURCES
"""
@@ -81,10 +110,10 @@
Extract uuid from partition manifest
"""
pm_file = open(dts)
- key = "uuid"
+ uuid_key = "uuid"
for line in pm_file:
- if key in line:
+ if uuid_key in line:
uuid_hex = re.findall(r'\<(.+?)\>', line)[0];
# PM has uuid in format 0xABC... 0x... 0x... 0x...
@@ -103,5 +132,6 @@
"""
Append CRT_ARGS
"""
- out_file.write("CRT_ARGS += --sp-pkg" + str(idx + 1) + " " + dst + "\n")
+
+ out_file.write("CRT_ARGS += --sp-pkg" + str(pkg_num) + " " + dst + "\n")
out_file.write("\n")