Merge "fix(docs): add plantuml as a dependency" into integration
diff --git a/Makefile b/Makefile
index 5780832..a69bfbb 100644
--- a/Makefile
+++ b/Makefile
@@ -456,6 +456,10 @@
# Pass ld options with Wl or Xlinker switches
TF_LDFLAGS += -Wl,--fatal-warnings -O1
TF_LDFLAGS += -Wl,--gc-sections
+
+TF_LDFLAGS += -Wl,-z,common-page-size=4096 # Configure page size constants
+TF_LDFLAGS += -Wl,-z,max-page-size=4096
+
ifeq ($(ENABLE_LTO),1)
ifeq (${ARCH},aarch64)
TF_LDFLAGS += -flto -fuse-linker-plugin
@@ -473,6 +477,10 @@
else
TF_LDFLAGS += -O1
TF_LDFLAGS += --gc-sections
+
+TF_LDFLAGS += -z common-page-size=4096 # Configure page size constants
+TF_LDFLAGS += -z max-page-size=4096
+
# ld.lld doesn't recognize the errata flags,
# therefore don't add those in that case.
# ld.lld reports section type mismatch warnings,
diff --git a/bl1/bl1.ld.S b/bl1/bl1.ld.S
index 124358c..bec234b 100644
--- a/bl1/bl1.ld.S
+++ b/bl1/bl1.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -72,7 +72,7 @@
. = ALIGN(16);
} >ROM
#else /* SEPARATE_CODE_AND_RODATA */
- ro . : {
+ .ro . : {
__RO_START__ = .;
*bl1_entrypoint.o(.text*)
@@ -118,9 +118,9 @@
* not mixed with normal data. This is required to set up the correct memory
* attributes for the coherent data page tables.
*/
- coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
__COHERENT_RAM_START__ = .;
- *(tzfw_coherent_mem)
+ *(.tzfw_coherent_mem)
__COHERENT_RAM_END_UNALIGNED__ = .;
/*
diff --git a/bl2/bl2.ld.S b/bl2/bl2.ld.S
index 3df8f07..458a12b 100644
--- a/bl2/bl2.ld.S
+++ b/bl2/bl2.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2021, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -60,7 +60,7 @@
__RODATA_END__ = .;
} >RAM
#else /* SEPARATE_CODE_AND_RODATA */
- ro . : {
+ .ro . : {
__RO_START__ = .;
*bl2_entrypoint.o(.text*)
@@ -98,9 +98,9 @@
* not mixed with normal data. This is required to set up the correct
* memory attributes for the coherent data page tables.
*/
- coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
__COHERENT_RAM_START__ = .;
- *(tzfw_coherent_mem)
+ *(.tzfw_coherent_mem)
__COHERENT_RAM_END_UNALIGNED__ = .;
/*
diff --git a/bl2/bl2_el3.ld.S b/bl2/bl2_el3.ld.S
index 0c2764e..aa457fa 100644
--- a/bl2/bl2_el3.ld.S
+++ b/bl2/bl2_el3.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -76,7 +76,7 @@
ASSERT(__TEXT_RESIDENT_END__ - __TEXT_RESIDENT_START__ <= PAGE_SIZE,
"Resident part of BL2 has exceeded its limit.")
#else /* SEPARATE_CODE_AND_RODATA */
- ro . : {
+ .ro . : {
__RO_START__ = .;
__TEXT_RESIDENT_START__ = .;
@@ -149,10 +149,10 @@
* not mixed with normal data. This is required to set up the correct
* memory attributes for the coherent data page tables.
*/
- coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
__COHERENT_RAM_START__ = .;
- *(tzfw_coherent_mem)
+ *(.tzfw_coherent_mem)
__COHERENT_RAM_END_UNALIGNED__ = .;
diff --git a/bl2u/bl2u.ld.S b/bl2u/bl2u.ld.S
index 0f06dfd..52a925b 100644
--- a/bl2u/bl2u.ld.S
+++ b/bl2u/bl2u.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -55,7 +55,7 @@
__RODATA_END__ = .;
} >RAM
#else /* SEPARATE_CODE_AND_RODATA */
- ro . : {
+ .ro . : {
__RO_START__ = .;
*bl2u_entrypoint.o(.text*)
@@ -93,9 +93,9 @@
* not mixed with normal data. This is required to set up the correct
* memory attributes for the coherent data page tables.
*/
- coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
__COHERENT_RAM_START__ = .;
- *(tzfw_coherent_mem)
+ *(.tzfw_coherent_mem)
__COHERENT_RAM_END_UNALIGNED__ = .;
/*
diff --git a/bl31/aarch64/crash_reporting.S b/bl31/aarch64/crash_reporting.S
index d56b513..4cec110 100644
--- a/bl31/aarch64/crash_reporting.S
+++ b/bl31/aarch64/crash_reporting.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -15,8 +15,8 @@
.globl report_unhandled_exception
.globl report_unhandled_interrupt
- .globl el3_panic
- .globl elx_panic
+ .globl report_el3_panic
+ .globl report_elx_panic
#if CRASH_REPORTING
@@ -64,7 +64,7 @@
x30_msg:
.asciz "x30"
excpt_msg_el:
- .asciz "Unhandled Exception from EL"
+ .asciz "Unhandled Exception from lower EL.\n"
/*
* Helper function to print from crash buf.
@@ -194,28 +194,20 @@
/* -----------------------------------------------------
* This function allows to report a crash from the lower
* exception level (if crash reporting is enabled) when
- * panic() is invoked from C Runtime.
+ * lower_el_panic() is invoked from C Runtime.
* It prints the CPU state via the crash console making
* use of 'cpu_context' structure where general purpose
* registers are saved and the crash buf.
* This function will not return.
- *
- * x0: Exception level
* -----------------------------------------------------
*/
-func elx_panic
+func report_elx_panic
msr spsel, #MODE_SP_ELX
- mov x8, x0
/* Print the crash message */
adr x4, excpt_msg_el
bl asm_print_str
- /* Print exception level */
- add x0, x8, #'0'
- bl plat_crash_console_putc
- bl asm_print_newline
-
/* Report x0 - x29 values stored in 'gpregs_ctx' structure */
/* Store the ascii list pointer in x6 */
adr x6, gp_regs
@@ -295,7 +287,7 @@
mrs x2, sctlr_el1
mrs x1, tcr_el1
b test_pauth
-endfunc elx_panic
+endfunc report_elx_panic
/* -----------------------------------------------------
* This function allows to report a crash (if crash
@@ -305,7 +297,7 @@
* will not return.
* -----------------------------------------------------
*/
-func el3_panic
+func report_el3_panic
msr spsel, #MODE_SP_ELX
prepare_crash_buf_save_x0_x1
adr x0, panic_msg
@@ -463,7 +455,7 @@
/* Done reporting */
no_ret plat_panic_handler
-endfunc el3_panic
+endfunc report_el3_panic
#else /* CRASH_REPORTING */
func report_unhandled_exception
diff --git a/bl31/aarch64/ea_delegate.S b/bl31/aarch64/ea_delegate.S
index dbb3234..9419476 100644
--- a/bl31/aarch64/ea_delegate.S
+++ b/bl31/aarch64/ea_delegate.S
@@ -16,9 +16,8 @@
#include <context.h>
.globl handle_lower_el_ea_esb
- .globl handle_lower_el_async_ea
- .globl enter_lower_el_sync_ea
- .globl enter_lower_el_async_ea
+ .globl handle_lower_el_sync_ea
+ .globl handle_lower_el_async_ea
/*
@@ -42,17 +41,12 @@
* Implementation Defined Exceptions. If any other kind of exception is detected,
* then this function reports unhandled exception.
*
- * Since it's part of exception vector, this function doesn't expect any GP
- * registers to have been saved. It delegates the handling of the EA to platform
- * handler, and upon successfully handling the EA, exits EL3; otherwise panics.
+ * It delegates the handling of the EA to platform handler, and upon successfully
+ * handling the EA, exits EL3; otherwise panics.
+ *
+ * This function assumes x30 has been saved.
*/
-func enter_lower_el_sync_ea
- /*
- * Explicitly save x30 so as to free up a register and to enable
- * branching.
- */
- str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
-
+func handle_lower_el_sync_ea
mrs x30, esr_el3
ubfx x30, x30, #ESR_EC_SHIFT, #ESR_EC_LENGTH
@@ -114,24 +108,19 @@
/* Synchronous exceptions other than the above are assumed to be EA */
ldr x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
no_ret report_unhandled_exception
-endfunc enter_lower_el_sync_ea
+endfunc handle_lower_el_sync_ea
/*
* This function handles SErrors from lower ELs.
*
- * Since it's part of exception vector, this function doesn't expect any GP
- * registers to have been saved. It delegates the handling of the EA to platform
- * handler, and upon successfully handling the EA, exits EL3; otherwise panics.
+ * It delegates the handling of the EA to platform handler, and upon successfully
+ * handling the EA, exits EL3; otherwise panics.
+ *
+ * This function assumes x30 has been saved.
*/
-func enter_lower_el_async_ea
- /*
- * Explicitly save x30 so as to free up a register and to enable
- * branching
- */
- str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
+func handle_lower_el_async_ea
-handle_lower_el_async_ea:
/*
* Save general purpose and ARMv8.3-PAuth registers (if enabled).
* If Secure Cycle Counter is not disabled in MDCR_EL3 when
@@ -153,7 +142,7 @@
/* el3_exit assumes SP_EL0 on entry */
msr spsel, #MODE_SP_EL0
b el3_exit
-endfunc enter_lower_el_async_ea
+endfunc handle_lower_el_async_ea
/*
@@ -201,7 +190,7 @@
*/
ubfx x2, x1, #ESR_EC_SHIFT, #ESR_EC_LENGTH
cmp x2, EC_SERROR
- b.ne do_panic
+ b.ne el3_panic
/*
* Check for Implementation Defined Syndrome. If so, skip checking
* Uncontainable error type from the syndrome as the format is unknown.
diff --git a/bl31/aarch64/runtime_exceptions.S b/bl31/aarch64/runtime_exceptions.S
index 0c60859..500e87b 100644
--- a/bl31/aarch64/runtime_exceptions.S
+++ b/bl31/aarch64/runtime_exceptions.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -40,6 +40,14 @@
.globl serror_aarch32
/*
+ * Save LR and make x30 available as most of the routines in vector entry
+ * need a free register
+ */
+ .macro save_x30
+ str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
+ .endm
+
+ /*
* Macro that prepares entry to EL3 upon taking an exception.
*
* With RAS_EXTENSION, this macro synchronizes pending errors with an ESB
@@ -58,12 +66,6 @@
/* Unmask the SError interrupt */
msr daifclr, #DAIF_ABT_BIT
- /*
- * Explicitly save x30 so as to free up a register and to enable
- * branching
- */
- str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
-
/* Check for SErrors synchronized by the ESB instruction */
mrs x30, DISR_EL1
tbz x30, #DISR_A_BIT, 1f
@@ -108,11 +110,7 @@
/* Use ISB for the above unmask operation to take effect immediately */
isb
- /*
- * Refer Note 1.
- * No need to restore X30 as macros following this modify x30 anyway.
- */
- str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
+ /* Refer Note 1. */
mov x30, #1
str x30, [sp, #CTX_EL3STATE_OFFSET + CTX_IS_IN_EL3]
dmb sy
@@ -153,7 +151,7 @@
/* Synchronous exceptions other than the above are assumed to be EA */
ldr x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
- b enter_lower_el_sync_ea
+ b handle_lower_el_sync_ea
.endm
@@ -316,7 +314,7 @@
* triggered due to explicit synchronization in EL3. Refer Note 1.
*/
/* Assumes SP_EL3 on entry */
- str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
+ save_x30
ldr x30, [sp, #CTX_EL3STATE_OFFSET + CTX_IS_IN_EL3]
cbnz x30, 1f
@@ -338,32 +336,36 @@
* to a valid cpu context where the general purpose and system register
* state can be saved.
*/
+ save_x30
apply_at_speculative_wa
check_and_unmask_ea
handle_sync_exception
end_vector_entry sync_exception_aarch64
vector_entry irq_aarch64
+ save_x30
apply_at_speculative_wa
check_and_unmask_ea
handle_interrupt_exception irq_aarch64
end_vector_entry irq_aarch64
vector_entry fiq_aarch64
+ save_x30
apply_at_speculative_wa
check_and_unmask_ea
handle_interrupt_exception fiq_aarch64
end_vector_entry fiq_aarch64
vector_entry serror_aarch64
+ save_x30
apply_at_speculative_wa
#if RAS_EXTENSION
msr daifclr, #DAIF_ABT_BIT
- b enter_lower_el_async_ea
#else
check_and_unmask_ea
- b handle_lower_el_async_ea
#endif
+ b handle_lower_el_async_ea
+
end_vector_entry serror_aarch64
/* ---------------------------------------------------------------------
@@ -377,32 +379,36 @@
* to a valid cpu context where the general purpose and system register
* state can be saved.
*/
+ save_x30
apply_at_speculative_wa
check_and_unmask_ea
handle_sync_exception
end_vector_entry sync_exception_aarch32
vector_entry irq_aarch32
+ save_x30
apply_at_speculative_wa
check_and_unmask_ea
handle_interrupt_exception irq_aarch32
end_vector_entry irq_aarch32
vector_entry fiq_aarch32
+ save_x30
apply_at_speculative_wa
check_and_unmask_ea
handle_interrupt_exception fiq_aarch32
end_vector_entry fiq_aarch32
vector_entry serror_aarch32
+ save_x30
apply_at_speculative_wa
#if RAS_EXTENSION
msr daifclr, #DAIF_ABT_BIT
- b enter_lower_el_async_ea
#else
check_and_unmask_ea
- b handle_lower_el_async_ea
#endif
+ b handle_lower_el_async_ea
+
end_vector_entry serror_aarch32
#ifdef MONITOR_TRAPS
@@ -563,7 +569,7 @@
*/
tst w0, w0
- b.mi do_panic /* negative return value: panic */
+ b.mi elx_panic /* negative return value: panic */
b.eq 1f /* zero: do not change ELR_EL3 */
/* advance the PC to continue after the instruction */
diff --git a/bl31/bl31.ld.S b/bl31/bl31.ld.S
index 5d3139b..c829058 100644
--- a/bl31/bl31.ld.S
+++ b/bl31/bl31.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -66,7 +66,7 @@
__RODATA_END__ = .;
} >RAM
#else /* SEPARATE_CODE_AND_RODATA */
- ro . : {
+ .ro . : {
__RO_START__ = .;
*bl31_entrypoint.o(.text*)
@@ -111,7 +111,7 @@
* There's no need to include this into the RO section of BL31 because it
* doesn't need to be accessed by BL31.
*/
- spm_shim_exceptions : ALIGN(PAGE_SIZE) {
+ .spm_shim_exceptions : ALIGN(PAGE_SIZE) {
__SPM_SHIM_EXCEPTIONS_START__ = .;
*(.spm_shim_exceptions)
@@ -121,9 +121,9 @@
__SPM_SHIM_EXCEPTIONS_END__ = .;
} >SPM_SHIM_EXCEPTIONS_VMA AT>RAM
- PROVIDE(__SPM_SHIM_EXCEPTIONS_LMA__ = LOADADDR(spm_shim_exceptions));
+ PROVIDE(__SPM_SHIM_EXCEPTIONS_LMA__ = LOADADDR(.spm_shim_exceptions));
- . = LOADADDR(spm_shim_exceptions) + SIZEOF(spm_shim_exceptions);
+ . = LOADADDR(.spm_shim_exceptions) + SIZEOF(.spm_shim_exceptions);
#endif /* SPM_MM */
__RW_START__ = .;
@@ -162,15 +162,15 @@
* not mixed with normal data. This is required to set up the correct
* memory attributes for the coherent data page tables.
*/
- coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
__COHERENT_RAM_START__ = .;
/*
* Bakery locks are stored in coherent memory. Each lock's data is
* contiguous and fully allocated by the compiler.
*/
- *(bakery_lock)
- *(tzfw_coherent_mem)
+ *(.bakery_lock)
+ *(.tzfw_coherent_mem)
__COHERENT_RAM_END_UNALIGNED__ = .;
diff --git a/bl31/bl31.mk b/bl31/bl31.mk
index e6609fe..e9590d5 100644
--- a/bl31/bl31.mk
+++ b/bl31/bl31.mk
@@ -112,11 +112,11 @@
BL31_SOURCES += lib/extensions/mpam/mpam.c
endif
-ifeq (${ENABLE_TRBE_FOR_NS},1)
+ifneq (${ENABLE_TRBE_FOR_NS},0)
BL31_SOURCES += lib/extensions/trbe/trbe.c
endif
-ifeq (${ENABLE_BRBE_FOR_NS},1)
+ifneq (${ENABLE_BRBE_FOR_NS},0)
BL31_SOURCES += lib/extensions/brbe/brbe.c
endif
@@ -124,7 +124,7 @@
BL31_SOURCES += lib/extensions/sys_reg_trace/aarch64/sys_reg_trace.c
endif
-ifeq (${ENABLE_TRF_FOR_NS},1)
+ifneq (${ENABLE_TRF_FOR_NS},0)
BL31_SOURCES += lib/extensions/trf/aarch64/trf.c
endif
diff --git a/bl32/sp_min/sp_min.ld.S b/bl32/sp_min/sp_min.ld.S
index 59e164a..1695e1e 100644
--- a/bl32/sp_min/sp_min.ld.S
+++ b/bl32/sp_min/sp_min.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -62,7 +62,7 @@
__RODATA_END__ = .;
} >RAM
#else /* SEPARATE_CODE_AND_RODATA */
- ro . : {
+ .ro . : {
__RO_START__ = .;
*entrypoint.o(.text*)
@@ -115,15 +115,15 @@
* not mixed with normal data. This is required to set up the correct
* memory attributes for the coherent data page tables.
*/
- coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
__COHERENT_RAM_START__ = .;
/*
* Bakery locks are stored in coherent memory. Each lock's data is
* contiguous and fully allocated by the compiler.
*/
- *(bakery_lock)
- *(tzfw_coherent_mem)
+ *(.bakery_lock)
+ *(.tzfw_coherent_mem)
__COHERENT_RAM_END_UNALIGNED__ = .;
diff --git a/bl32/sp_min/sp_min.mk b/bl32/sp_min/sp_min.mk
index b2f4e4c..2a6612a 100644
--- a/bl32/sp_min/sp_min.mk
+++ b/bl32/sp_min/sp_min.mk
@@ -50,7 +50,7 @@
BL32_SOURCES += lib/extensions/sys_reg_trace/aarch32/sys_reg_trace.c
endif
-ifeq (${ENABLE_TRF_FOR_NS},1)
+ifneq (${ENABLE_TRF_FOR_NS},0)
BL32_SOURCES += lib/extensions/trf/aarch32/trf.c
endif
diff --git a/bl32/tsp/tsp.ld.S b/bl32/tsp/tsp.ld.S
index 1e9cb88..a6658dd 100644
--- a/bl32/tsp/tsp.ld.S
+++ b/bl32/tsp/tsp.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -46,7 +46,7 @@
__RODATA_END__ = .;
} >RAM
#else /* SEPARATE_CODE_AND_RODATA */
- ro . : {
+ .ro . : {
__RO_START__ = .;
*tsp_entrypoint.o(.text*)
@@ -90,9 +90,9 @@
* not mixed with normal data. This is required to set up the correct memory
* attributes for the coherent data page tables.
*/
- coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
__COHERENT_RAM_START__ = .;
- *(tzfw_coherent_mem)
+ *(.tzfw_coherent_mem)
__COHERENT_RAM_END_UNALIGNED__ = .;
/*
diff --git a/common/aarch32/debug.S b/common/aarch32/debug.S
index ae0bb7a..2937f56 100644
--- a/common/aarch32/debug.S
+++ b/common/aarch32/debug.S
@@ -12,7 +12,7 @@
.globl asm_print_hex
.globl asm_print_hex_bits
.globl asm_assert
- .globl do_panic
+ .globl el3_panic
.globl report_exception
.globl report_prefetch_abort
.globl report_data_abort
@@ -159,14 +159,14 @@
endfunc asm_print_hex
/***********************************************************
- * The common implementation of do_panic for all BL stages
+ * The common implementation of el3_panic for all BL stages
***********************************************************/
.section .rodata.panic_str, "aS"
panic_msg: .asciz "PANIC at PC : 0x"
panic_end: .asciz "\r\n"
-func do_panic
+func el3_panic
/* Have LR copy point to PC at the time of panic */
sub r6, lr, #4
@@ -194,7 +194,7 @@
_panic_handler:
mov lr, r6
b plat_panic_handler
-endfunc do_panic
+endfunc el3_panic
/***********************************************************
* This function is called from the vector table for
diff --git a/common/aarch64/debug.S b/common/aarch64/debug.S
index 742e022..8768a1f 100644
--- a/common/aarch64/debug.S
+++ b/common/aarch64/debug.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2023 Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -13,7 +13,8 @@
.globl asm_print_hex_bits
.globl asm_print_newline
.globl asm_assert
- .globl do_panic
+ .globl el3_panic
+ .globl elx_panic
/* Since the max decimal input number is 65536 */
#define MAX_DEC_DIVISOR 10000
@@ -145,54 +146,33 @@
endfunc asm_print_newline
/***********************************************************
- * The common implementation of do_panic for all BL stages
+ * The common implementation of el3_panic for all BL stages
***********************************************************/
.section .rodata.panic_str, "aS"
panic_msg: .asciz "PANIC at PC : 0x"
+func elx_panic
+#if CRASH_REPORTING && defined(IMAGE_BL31)
+ b report_elx_panic
+#endif /* CRASH_REPORTING && IMAGE_BL31 */
+
+ b panic_common
+endfunc elx_panic
+
/* ---------------------------------------------------------------------------
- * do_panic assumes that it is invoked from a C Runtime Environment ie a
+ * el3_panic assumes that it is invoked from a C Runtime Environment ie a
* valid stack exists. This call will not return.
* Clobber list : if CRASH_REPORTING is not enabled then x30, x0 - x6
* ---------------------------------------------------------------------------
*/
-/* This is for the non el3 BL stages to compile through */
- .weak el3_panic
- .weak elx_panic
-
-func do_panic
-#if CRASH_REPORTING
- str x0, [sp, #-0x10]!
- mrs x0, currentel
- ubfx x0, x0, #MODE_EL_SHIFT, #MODE_EL_WIDTH
- cmp x0, #MODE_EL3
-#if !HANDLE_EA_EL3_FIRST_NS
- ldr x0, [sp], #0x10
- b.eq el3_panic
-#else
- b.ne to_panic_common
-
- /* Check EL the exception taken from */
- mrs x0, spsr_el3
- ubfx x0, x0, #SPSR_EL_SHIFT, #SPSR_EL_WIDTH
- cmp x0, #MODE_EL3
- b.ne elx_panic
- ldr x0, [sp], #0x10
- b el3_panic
-
-to_panic_common:
- ldr x0, [sp], #0x10
-#endif /* HANDLE_EA_EL3_FIRST_NS */
-#endif /* CRASH_REPORTING */
+func el3_panic
+#if CRASH_REPORTING && defined(IMAGE_BL31)
+ b report_el3_panic
+#endif /* CRASH_REPORTING && IMAGE_BL31 */
panic_common:
-/*
- * el3_panic will be redefined by the BL31
- * crash reporting mechanism (if enabled)
- */
-el3_panic:
mov x6, x30
bl plat_crash_console_init
@@ -218,4 +198,5 @@
* called, not the address of the call from el3_panic. */
mov x30, x6
b plat_panic_handler
-endfunc do_panic
+
+endfunc el3_panic
diff --git a/common/feat_detect.c b/common/feat_detect.c
index a8c40f7..5fb56b9 100644
--- a/common/feat_detect.c
+++ b/common/feat_detect.c
@@ -36,19 +36,28 @@
/*******************************************************************************
* Function : check_feature
* Check for a valid combination of build time flags (ENABLE_FEAT_xxx) and
- * feature availability on the hardware.
- * Panics if a feature is forcefully enabled, but not available on the PE.
+ * feature availability on the hardware. <min> is the smallest feature
+ * ID field value that is required for that feature.
+ * Triggers a panic later if a feature is forcefully enabled, but not
+ * available on the PE. Also will panic if the hardware feature ID field
+ * is larger than the maximum known and supported number, specified by <max>.
*
* We force inlining here to let the compiler optimise away the whole check
* if the feature is disabled at build time (FEAT_STATE_DISABLED).
******************************************************************************/
static inline void __attribute((__always_inline__))
-check_feature(int state, unsigned long field, const char *feat_name)
+check_feature(int state, unsigned long field, const char *feat_name,
+ unsigned int min, unsigned int max)
{
- if (state == FEAT_STATE_ALWAYS && field == 0U) {
+ if (state == FEAT_STATE_ALWAYS && field < min) {
ERROR("FEAT_%s not supported by the PE\n", feat_name);
tainted = true;
}
+ if (state >= FEAT_STATE_ALWAYS && field > max) {
+ ERROR("FEAT_%s is version %ld, but is only known up to version %d\n",
+ feat_name, field, max);
+ tainted = true;
+ }
}
/******************************************
@@ -153,16 +162,6 @@
#endif
}
-/****************************************************
- * Feature : FEAT_TRF (Self-hosted Trace Extensions)
- ***************************************************/
-static void read_feat_trf(void)
-{
-#if (ENABLE_TRF_FOR_NS == FEAT_STATE_ALWAYS)
- feat_detect_panic(is_arm8_4_feat_trf_present(), "TRF");
-#endif
-}
-
/************************************************
* Feature : FEAT_MTE (Memory Tagging Extension)
***********************************************/
@@ -239,26 +238,6 @@
#endif
}
-/******************************************************
- * Feature : FEAT_BRBE (Branch Record Buffer Extension)
- *****************************************************/
-static void read_feat_brbe(void)
-{
-#if (ENABLE_BRBE_FOR_NS == FEAT_STATE_ALWAYS)
- feat_detect_panic(is_feat_brbe_present(), "BRBE");
-#endif
-}
-
-/******************************************************
- * Feature : FEAT_TRBE (Trace Buffer Extension)
- *****************************************************/
-static void read_feat_trbe(void)
-{
-#if (ENABLE_TRBE_FOR_NS == FEAT_STATE_ALWAYS)
- feat_detect_panic(is_feat_trbe_present(), "TRBE");
-#endif
-}
-
/******************************************************************
* Feature : FEAT_RNG_TRAP (Trapping support for RNDR/RNDRRS)
*****************************************************************/
@@ -312,11 +291,13 @@
/* v8.4 features */
read_feat_dit();
- check_feature(ENABLE_FEAT_AMUv1, read_feat_amu_id_field(), "AMUv1");
+ check_feature(ENABLE_FEAT_AMUv1, read_feat_amu_id_field(),
+ "AMUv1", 1, 2);
read_feat_mpam();
read_feat_nv2();
read_feat_sel2();
- read_feat_trf();
+ check_feature(ENABLE_TRF_FOR_NS, read_feat_trf_id_field(),
+ "TRF", 1, 1);
/* v8.5 features */
read_feat_mte();
@@ -326,16 +307,18 @@
/* v8.6 features */
read_feat_amuv1p1();
- check_feature(ENABLE_FEAT_FGT, read_feat_fgt_id_field(), "FGT");
+ check_feature(ENABLE_FEAT_FGT, read_feat_fgt_id_field(), "FGT", 1, 1);
read_feat_ecv();
read_feat_twed();
/* v8.7 features */
- check_feature(ENABLE_FEAT_HCX, read_feat_hcx_id_field(), "HCX");
+ check_feature(ENABLE_FEAT_HCX, read_feat_hcx_id_field(), "HCX", 1, 1);
/* v9.0 features */
- read_feat_brbe();
- read_feat_trbe();
+ check_feature(ENABLE_BRBE_FOR_NS, read_feat_brbe_id_field(),
+ "BRBE", 1, 2);
+ check_feature(ENABLE_TRBE_FOR_NS, read_feat_trbe_id_field(),
+ "TRBE", 1, 1);
/* v9.2 features */
read_feat_rme();
diff --git a/docs/components/ffa-manifest-binding.rst b/docs/components/ffa-manifest-binding.rst
index 7483c90..e00c53a 100644
--- a/docs/components/ffa-manifest-binding.rst
+++ b/docs/components/ffa-manifest-binding.rst
@@ -286,6 +286,18 @@
- PPI: 0b01
- SGI: 0b00
+- interrupts-target
+ - value type: <prop-encoded-array>
+ - A list of (id, mpdir upper bits, mpidr lower bits) tuples describing which
+ mpidr the interrupt is routed to, where:
+
+ - id: The <u32> interrupt ID. Must be one of those specified in the
+ "interrupts" field.
+ - mpidr upper bits: The <u32> describing the upper bits of the 64 bits
+ mpidr
+ - mpidr lower bits: The <u32> describing the lower bits of the 64 bits
+ mpidr
+
- exclusive-access
- value type: <empty>
- Presence of this field implies that this endpoint must be granted exclusive
diff --git a/docs/design/firmware-design.rst b/docs/design/firmware-design.rst
index 84bba18..f08608c 100644
--- a/docs/design/firmware-design.rst
+++ b/docs/design/firmware-design.rst
@@ -900,7 +900,7 @@
A runtime service is registered using the ``DECLARE_RT_SVC()`` macro, specifying
the name of the service, the range of OENs covered, the type of service and
initialization and call handler functions. This macro instantiates a ``const struct rt_svc_desc`` for the service with these details (see ``runtime_svc.h``).
-This structure is allocated in a special ELF section ``rt_svc_descs``, enabling
+This structure is allocated in a special ELF section ``.rt_svc_descs``, enabling
the framework to find all service descriptors included into BL31.
The specific service for a SMC Function is selected based on the OEN and call
@@ -1330,7 +1330,7 @@
(priority, group, configuration). Each element of the array shall be populated
by the macro ``INTR_PROP_DESC()``. The macro takes the following arguments:
-- 10-bit interrupt number,
+- 13-bit interrupt number,
- 8-bit interrupt priority,
@@ -2165,7 +2165,7 @@
has been redesigned. The changes utilise the characteristic of Lamport's Bakery
algorithm mentioned earlier. The bakery_lock structure only allocates the memory
for a single CPU. The macro ``DEFINE_BAKERY_LOCK`` allocates all the bakery locks
-needed for a CPU into a section ``bakery_lock``. The linker allocates the memory
+needed for a CPU into a section ``.bakery_lock``. The linker allocates the memory
for other cores by using the total size allocated for the bakery_lock section
and multiplying it with (PLATFORM_CORE_COUNT - 1). This enables software to
perform software cache maintenance on the lock data structure without running
@@ -2193,7 +2193,7 @@
::
- bakery_lock section start
+ .bakery_lock section start
|----------------|
| `bakery_info_t`| <-- Lock_0 per-CPU field
| Lock_0 | for CPU0
@@ -2230,7 +2230,7 @@
Consider a system of 2 CPUs with 'N' bakery locks as shown above. For an
operation on Lock_N, the corresponding ``bakery_info_t`` in both CPU0 and CPU1
-``bakery_lock`` section need to be fetched and appropriate cache operations need
+``.bakery_lock`` section need to be fetched and appropriate cache operations need
to be performed for each access.
On Arm Platforms, bakery locks are used in psci (``psci_locks``) and power controller
diff --git a/docs/getting_started/porting-guide.rst b/docs/getting_started/porting-guide.rst
index 80b72e5..0e4d1e3 100644
--- a/docs/getting_started/porting-guide.rst
+++ b/docs/getting_started/porting-guide.rst
@@ -66,22 +66,22 @@
If the build option ``USE_COHERENT_MEM`` is enabled, each platform can allocate a
block of identity mapped secure memory with Device-nGnRE attributes aligned to
page boundary (4K) for each BL stage. All sections which allocate coherent
-memory are grouped under ``coherent_ram``. For ex: Bakery locks are placed in a
-section identified by name ``bakery_lock`` inside ``coherent_ram`` so that its
+memory are grouped under ``.coherent_ram``. For ex: Bakery locks are placed in a
+section identified by name ``.bakery_lock`` inside ``.coherent_ram`` so that its
possible for the firmware to place variables in it using the following C code
directive:
::
- __section("bakery_lock")
+ __section(".bakery_lock")
Or alternatively the following assembler code directive:
::
- .section bakery_lock
+ .section .bakery_lock
-The ``coherent_ram`` section is a sum of all sections like ``bakery_lock`` which are
+The ``.coherent_ram`` section is a sum of all sections like ``.bakery_lock`` which are
used to allocate any data structures that are accessed both when a CPU is
executing with its MMU and caches enabled, and when it's running with its MMU
and caches disabled. Examples are given below.
@@ -2411,7 +2411,7 @@
accommodate all the bakery locks.
If this constant is not defined when ``USE_COHERENT_MEM = 0``, the linker
-calculates the size of the ``bakery_lock`` input section, aligns it to the
+calculates the size of the ``.bakery_lock`` input section, aligns it to the
nearest ``CACHE_WRITEBACK_GRANULE``, multiplies it with ``PLATFORM_CORE_COUNT``
and stores the result in a linker symbol. This constant prevents a platform
from relying on the linker and provide a more efficient mechanism for
@@ -3204,9 +3204,20 @@
Common helper functions
-----------------------
+Function : elx_panic()
+~~~~~~~~~~~~~~~~~~~~~~
-Function : do_panic()
-~~~~~~~~~~~~~~~~~~~~~
+::
+
+ Argument : void
+ Return : void
+
+This API is called from assembly files when reporting a critical failure
+that has occured in lower EL and is been trapped in EL3. This call
+**must not** return.
+
+Function : el3_panic()
+~~~~~~~~~~~~~~~~~~~~~~
::
@@ -3214,9 +3225,8 @@
Return : void
This API is called from assembly files when encountering a critical failure that
-cannot be recovered from. It also invokes elx_panic() which allows to report a
-crash from lower exception level. This function assumes that it is invoked from
-a C runtime environment i.e. valid stack exists. This call **must not** return.
+cannot be recovered from. This function assumes that it is invoked from a C
+runtime environment i.e. valid stack exists. This call **must not** return.
Function : panic()
~~~~~~~~~~~~~~~~~~
@@ -3228,7 +3238,7 @@
This API called from C files when encountering a critical failure that cannot
be recovered from. This function in turn prints backtrace (if enabled) and calls
-do_panic(). This call **must not** return.
+el3_panic(). This call **must not** return.
Crash Reporting mechanism (in BL31)
-----------------------------------
@@ -3540,7 +3550,7 @@
--------------
-*Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.*
.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
.. _Arm Generic Interrupt Controller version 2.0 (GICv2): http://infocenter.arm.com/help/topic/com.arm.doc.ihi0048b/index.html
diff --git a/docs/plat/xilinx-zynqmp.rst b/docs/plat/xilinx-zynqmp.rst
index af1cb22..b2871df 100644
--- a/docs/plat/xilinx-zynqmp.rst
+++ b/docs/plat/xilinx-zynqmp.rst
@@ -41,6 +41,21 @@
- ``cadence``, ``cadence0``: Cadence UART 0
- ``cadence1`` : Cadence UART 1
+ZynqMP Debug behavior
+---------------------
+
+With DEBUG=1, TF-A for ZynqMP uses DDR memory range instead of OCM memory range
+due to size constraints.
+For DEBUG=1 configuration for ZynqMP the BL31_BASE is set to the DDR location
+of 0x1000 and BL31_LIMIT is set to DDR location of 0x7FFFF.
+
+If the user wants to move the bl31 to a different DDR location, user can provide
+the DDR address location in the build command as follows,
+
+make CROSS_COMPILE=aarch64-none-elf- PLAT=zynqmp RESET_TO_BL31=1 DEBUG=1 \
+ ZYNQMP_ATF_MEM_BASE=<DDR address> ZYNQMP_ATF_MEM_SIZE=<size> bl31
+
+
FSBL->TF-A Parameter Passing
----------------------------
@@ -71,3 +86,40 @@
The 4 leaf power domains represent the individual A53 cores, while resources
common to the cluster are grouped in the power domain on the top.
+
+CUSTOM SIP service support
+--------------------------
+
+- Dedicated SMC FID ZYNQMP_SIP_SVC_CUSTOM(0x82002000)(32-bit)/
+ (0xC2002000)(64-bit) to be used by a custom package for
+ providing CUSTOM SIP service.
+
+- by default platform provides bare minimum definition for
+ custom_smc_handler in this service.
+
+- to use this service, custom package should implement their
+ smc handler with the name custom_smc_handler. once custom package is
+ included in TF-A build, their definition of custom_smc_handler is
+ enabled.
+
+Custom package makefile fragment inclusion in TF-A build
+--------------------------------------------------------
+
+- custom package is not directly part of TF-A source.
+
+- <CUSTOM_PKG_PATH> is the location at which user clones a
+ custom package locally.
+
+- custom package needs to implement makefile fragment named
+ custom_pkg.mk so as to get included in TF-A build.
+
+- custom_pkg.mk specify all the rules to include custom package
+ specific header files, dependent libs, source files that are
+ supposed to be included in TF-A build.
+
+- when <CUSTOM_PKG_PATH> is specified in TF-A build command,
+ custom_pkg.mk is included from <CUSTOM_PKG_PATH> in TF-A build.
+
+- TF-A build command:
+ make CROSS_COMPILE=aarch64-none-elf- PLAT=zynqmp RESET_TO_BL31=1
+ bl31 CUSTOM_PKG_PATH=<...>
diff --git a/docs/process/security.rst b/docs/process/security.rst
index f1e7a9d..c6429ad 100644
--- a/docs/process/security.rst
+++ b/docs/process/security.rst
@@ -67,6 +67,12 @@
| |TFV-8| | Not saving x0 to x3 registers can leak information from one |
| | Normal World SMC client to another |
+-----------+------------------------------------------------------------------+
+| |TFV-9| | Trusted Firmware-A exposure to speculative processor |
+| | vulnerabilities with branch prediction target reuse |
++-----------+------------------------------------------------------------------+
+| |TFV-10| | Incorrect validation of X.509 certificate extensions can result |
+| | in an out-of-bounds read |
++-----------+------------------------------------------------------------------+
.. _issue tracker: https://developer.trustedfirmware.org/project/board/1/
.. _mailing list: https://lists.trustedfirmware.org/mailman3/lists/tf-a.lists.trustedfirmware.org/
@@ -79,6 +85,8 @@
.. |TFV-6| replace:: :ref:`Advisory TFV-6 (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754)`
.. |TFV-7| replace:: :ref:`Advisory TFV-7 (CVE-2018-3639)`
.. |TFV-8| replace:: :ref:`Advisory TFV-8 (CVE-2018-19440)`
+.. |TFV-9| replace:: :ref:`Advisory TFV-9 (CVE-2022-23960)`
+.. |TFV-10| replace:: :ref:`Advisory TFV-10 (CVE-2022-47630)`
.. _TrustedFirmware.org security incident process: https://developer.trustedfirmware.org/w/collaboration/security_center/
diff --git a/drivers/arm/css/mhu/css_mhu_doorbell.c b/drivers/arm/css/mhu/css_mhu_doorbell.c
index c51f3b1..479bb21 100644
--- a/drivers/arm/css/mhu/css_mhu_doorbell.c
+++ b/drivers/arm/css/mhu/css_mhu_doorbell.c
@@ -15,7 +15,6 @@
MHU_RING_DOORBELL(plat_info->db_reg_addr,
plat_info->db_modify_mask,
plat_info->db_preserve_mask);
- return;
}
void mhuv2_ring_doorbell(struct scmi_channel_plat_info *plat_info)
@@ -35,6 +34,4 @@
/* clear the access request for the receiver */
MHU_V2_CLEAR_REQUEST(mhuv2_base);
-
- return;
}
diff --git a/drivers/arm/gic/v3/gicv3_helpers.c b/drivers/arm/gic/v3/gicv3_helpers.c
index 446d0ad..940c939 100644
--- a/drivers/arm/gic/v3/gicv3_helpers.c
+++ b/drivers/arm/gic/v3/gicv3_helpers.c
@@ -253,7 +253,7 @@
}
/*******************************************************************************
- * Helper function to configure the default attributes of (E)SPIs
+ * Helper function to configure the default attributes of (E)PPIs/SGIs
******************************************************************************/
void gicv3_ppi_sgi_config_defaults(uintptr_t gicr_base)
{
@@ -292,7 +292,7 @@
regs_num = ppi_regs_num << 3;
for (i = 0U; i < regs_num; ++i) {
/* Setup the default (E)PPI/SGI priorities doing 4 at a time */
- gicr_write_ipriorityr(gicr_base, i, GICD_IPRIORITYR_DEF_VAL);
+ gicr_write_ipriorityr(gicr_base, i << 2, GICD_IPRIORITYR_DEF_VAL);
}
/* 16 interrupt IDs per GICR_ICFGR register */
diff --git a/drivers/auth/cca/cot.c b/drivers/auth/cca/cot.c
index d3f3087..e8f4d9c 100644
--- a/drivers/auth/cca/cot.c
+++ b/drivers/auth/cca/cot.c
@@ -1,13 +1,15 @@
/*
- * Copyright (c) 2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
+#include <mbedtls/version.h>
+
+#include <common/tbbr/cot_def.h>
#include <drivers/auth/auth_mod.h>
-#include MBEDTLS_CONFIG_FILE
#include <tools_share/cca_oid.h>
#include <platform_def.h>
diff --git a/drivers/auth/cryptocell/712/cryptocell_crypto.c b/drivers/auth/cryptocell/712/cryptocell_crypto.c
index c7ee36f..e2b189b 100644
--- a/drivers/auth/cryptocell/712/cryptocell_crypto.c
+++ b/drivers/auth/cryptocell/712/cryptocell_crypto.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,7 +7,8 @@
#include <stddef.h>
#include <string.h>
-#include <platform_def.h>
+#include <mbedtls/oid.h>
+#include <mbedtls/x509.h>
#include <arch_helpers.h>
#include <common/debug.h>
@@ -21,8 +22,7 @@
#include <drivers/auth/mbedtls/mbedtls_common.h>
#include <lib/utils.h>
-#include <mbedtls/oid.h>
-#include <mbedtls/x509.h>
+#include <platform_def.h>
#define LIB_NAME "CryptoCell 712 SBROM"
#define RSA_SALT_LEN 32
@@ -95,11 +95,10 @@
CCError_t error;
CCSbNParams_t pk;
CCSbSignature_t signature;
- int rc, exp;
+ int rc, exp, expected_salt_len;
mbedtls_asn1_buf sig_oid, alg_oid, params;
- mbedtls_md_type_t md_alg;
+ mbedtls_md_type_t md_alg, mgf1_hash_id;
mbedtls_pk_type_t pk_alg;
- mbedtls_pk_rsassa_pss_options pss_opts;
size_t len;
uint8_t *p, *end;
/* Temp buf to store the public key modulo (N) in LE format */
@@ -110,70 +109,85 @@
p = sig_alg;
end = p + sig_alg_len;
rc = mbedtls_asn1_get_alg(&p, end, &sig_oid, ¶ms);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Get the actual signature algorithm (MD + PK) */
rc = mbedtls_oid_get_sig_alg(&sig_oid, &md_alg, &pk_alg);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* The CryptoCell only supports RSASSA-PSS signature */
- if (pk_alg != MBEDTLS_PK_RSASSA_PSS || md_alg != MBEDTLS_MD_NONE)
+ if ((pk_alg != MBEDTLS_PK_RSASSA_PSS) || (md_alg != MBEDTLS_MD_NONE)) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Verify the RSASSA-PSS params */
/* The trailer field is verified to be 0xBC internally by this API */
rc = mbedtls_x509_get_rsassa_pss_params(¶ms, &md_alg,
- &pss_opts.mgf1_hash_id,
- &pss_opts.expected_salt_len);
- if (rc != 0)
+ &mgf1_hash_id,
+ &expected_salt_len);
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* The CryptoCell only supports SHA256 as hash algorithm */
- if (md_alg != MBEDTLS_MD_SHA256 || pss_opts.mgf1_hash_id != MBEDTLS_MD_SHA256)
+ if ((md_alg != MBEDTLS_MD_SHA256) || (mgf1_hash_id != MBEDTLS_MD_SHA256)) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (pss_opts.expected_salt_len != RSA_SALT_LEN)
+ if (expected_salt_len != RSA_SALT_LEN) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Parse the public key */
p = pk_ptr;
end = p + pk_len;
rc = mbedtls_asn1_get_tag(&p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
end = p + len;
rc = mbedtls_asn1_get_alg_null(&p, end, &alg_oid);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (mbedtls_oid_get_pk_alg(&alg_oid, &pk_alg) != 0)
+ if (mbedtls_oid_get_pk_alg(&alg_oid, &pk_alg) != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (pk_alg != MBEDTLS_PK_RSA)
+ if (pk_alg != MBEDTLS_PK_RSA) {
return CRYPTO_ERR_SIGNATURE;
+ }
rc = mbedtls_asn1_get_bitstring_null(&p, end, &len);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
rc = mbedtls_asn1_get_tag(&p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_INTEGER);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
if (*p == 0) {
p++; len--;
}
- if (len != RSA_MOD_SIZE_IN_BYTES || ((p + len) > end))
+
+ if (len != RSA_MOD_SIZE_IN_BYTES || ((p + len) > end)) {
return CRYPTO_ERR_SIGNATURE;
+ }
/*
* The CCSbVerifySignature() API expects N and Np in BE format and
@@ -184,11 +198,13 @@
/* Verify the RSA exponent */
p += len;
rc = mbedtls_asn1_get_int(&p, end, &exp);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (exp != RSA_EXPONENT)
+ if (exp != RSA_EXPONENT) {
return CRYPTO_ERR_SIGNATURE;
+ }
/*
* Calculate the Np (Barrett n' value). The RSA_CalcNp() API expects
@@ -205,11 +221,13 @@
p = sig_ptr;
end = p + sig_len;
rc = mbedtls_asn1_get_bitstring_null(&p, end, &len);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (len != RSA_MOD_SIZE_IN_BYTES || ((p + len) > end))
+ if (len != RSA_MOD_SIZE_IN_BYTES || ((p + len) > end)) {
return CRYPTO_ERR_SIGNATURE;
+ }
/*
* The signature is BE format. Convert it to LE before calling
@@ -227,8 +245,9 @@
error = CCSbVerifySignature((uintptr_t)PLAT_CRYPTOCELL_BASE,
(uint32_t *)data_ptr, &pk, &signature,
data_len, RSA_PSS);
- if (error != CC_OK)
+ if (error != CC_OK) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Signature verification success */
return CRYPTO_SUCCESS;
@@ -256,29 +275,36 @@
end = p + digest_info_len;
rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
/* Get the hash algorithm */
rc = mbedtls_asn1_get_alg(&p, end, &hash_oid, ¶ms);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
rc = mbedtls_oid_get_md_alg(&hash_oid, &md_alg);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
+
/* Verify that hash algorithm is SHA256 */
- if (md_alg != MBEDTLS_MD_SHA256)
+ if (md_alg != MBEDTLS_MD_SHA256) {
return CRYPTO_ERR_HASH;
+ }
/* Hash should be octet string type */
rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
/* Length of hash must match the algorithm's size */
- if (len != HASH_RESULT_SIZE_IN_BYTES)
+ if (len != HASH_RESULT_SIZE_IN_BYTES) {
return CRYPTO_ERR_HASH;
+ }
/*
* CryptoCell utilises DMA internally to transfer data. Flush the data
@@ -289,12 +315,14 @@
hash = p;
error = SBROM_CryptoHash((uintptr_t)PLAT_CRYPTOCELL_BASE,
(uintptr_t)data_ptr, data_len, pubKeyHash);
- if (error != CC_OK)
+ if (error != CC_OK) {
return CRYPTO_ERR_HASH;
+ }
rc = memcmp(pubKeyHash, hash, HASH_RESULT_SIZE_IN_BYTES);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
return CRYPTO_SUCCESS;
}
diff --git a/drivers/auth/cryptocell/713/cryptocell_crypto.c b/drivers/auth/cryptocell/713/cryptocell_crypto.c
index 3ac16af..388264e 100644
--- a/drivers/auth/cryptocell/713/cryptocell_crypto.c
+++ b/drivers/auth/cryptocell/713/cryptocell_crypto.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2023 ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,14 +8,14 @@
#include <stddef.h>
#include <string.h>
-#include <platform_def.h>
+#include <mbedtls/oid.h>
+#include <mbedtls/x509.h>
#include <drivers/arm/cryptocell/713/bsv_api.h>
#include <drivers/arm/cryptocell/713/bsv_crypto_asym_api.h>
#include <drivers/auth/crypto_mod.h>
-#include <mbedtls/oid.h>
-#include <mbedtls/x509.h>
+#include <platform_def.h>
#define LIB_NAME "CryptoCell 713 SBROM"
#define RSA_SALT_LEN 32
@@ -82,11 +82,11 @@
CCError_t error;
CCBsvNBuff_t NBuff;
CCBsvSignature_t signature;
- int rc, exp;
+ int rc, exp, expected_salt_len;
mbedtls_asn1_buf sig_oid, alg_oid, params;
- mbedtls_md_type_t md_alg;
+ mbedtls_md_type_t md_alg, mgf1_hash_id;
mbedtls_pk_type_t pk_alg;
- mbedtls_pk_rsassa_pss_options pss_opts;
+
size_t len;
uint8_t *p, *end;
CCHashResult_t digest;
@@ -99,72 +99,86 @@
p = sig_alg;
end = p + sig_alg_len;
rc = mbedtls_asn1_get_alg(&p, end, &sig_oid, ¶ms);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Get the actual signature algorithm (MD + PK) */
rc = mbedtls_oid_get_sig_alg(&sig_oid, &md_alg, &pk_alg);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* The CryptoCell only supports RSASSA-PSS signature */
- if (pk_alg != MBEDTLS_PK_RSASSA_PSS || md_alg != MBEDTLS_MD_NONE)
+ if (pk_alg != MBEDTLS_PK_RSASSA_PSS || md_alg != MBEDTLS_MD_NONE) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Verify the RSASSA-PSS params */
/* The trailer field is verified to be 0xBC internally by this API */
rc = mbedtls_x509_get_rsassa_pss_params(¶ms, &md_alg,
- &pss_opts.mgf1_hash_id,
- &pss_opts.expected_salt_len);
- if (rc != 0)
+ &mgf1_hash_id,
+ &expected_salt_len);
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* The CryptoCell only supports SHA256 as hash algorithm */
if (md_alg != MBEDTLS_MD_SHA256 ||
- pss_opts.mgf1_hash_id != MBEDTLS_MD_SHA256)
+ mgf1_hash_id != MBEDTLS_MD_SHA256) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (pss_opts.expected_salt_len != RSA_SALT_LEN)
+ if (expected_salt_len != RSA_SALT_LEN) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Parse the public key */
p = pk_ptr;
end = p + pk_len;
rc = mbedtls_asn1_get_tag(&p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
end = p + len;
rc = mbedtls_asn1_get_alg_null(&p, end, &alg_oid);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (mbedtls_oid_get_pk_alg(&alg_oid, &pk_alg) != 0)
+ if (mbedtls_oid_get_pk_alg(&alg_oid, &pk_alg) != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (pk_alg != MBEDTLS_PK_RSA)
+ if (pk_alg != MBEDTLS_PK_RSA) {
return CRYPTO_ERR_SIGNATURE;
+ }
rc = mbedtls_asn1_get_bitstring_null(&p, end, &len);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
rc = mbedtls_asn1_get_tag(&p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_INTEGER);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
if (*p == 0) {
p++; len--;
}
- if (len != BSV_CERT_RSA_KEY_SIZE_IN_BYTES || ((p + len) > end))
+ if (len != BSV_CERT_RSA_KEY_SIZE_IN_BYTES || ((p + len) > end)) {
return CRYPTO_ERR_SIGNATURE;
+ }
/*
* Copy N from certificate.
@@ -174,21 +188,25 @@
/* Verify the RSA exponent */
p += len;
rc = mbedtls_asn1_get_int(&p, end, &exp);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (exp != RSA_EXPONENT)
+ if (exp != RSA_EXPONENT) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Get the signature (bitstring) */
p = sig_ptr;
end = p + sig_len;
rc = mbedtls_asn1_get_bitstring_null(&p, end, &len);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (len != BSV_CERT_RSA_KEY_SIZE_IN_BYTES || ((p + len) > end))
+ if (len != BSV_CERT_RSA_KEY_SIZE_IN_BYTES || ((p + len) > end)) {
return CRYPTO_ERR_SIGNATURE;
+ }
/*
* Copy the signature (in BE format)
@@ -197,15 +215,17 @@
error = CC_BsvSha256((uintptr_t)PLAT_CRYPTOCELL_BASE,
data_ptr, data_len, digest);
- if (error != CC_OK)
+ if (error != CC_OK) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Verify the signature */
error = CC_BsvRsaPssVerify((uintptr_t)PLAT_CRYPTOCELL_BASE, NBuff,
NULL, signature, digest, workspace,
BSV_RSA_WORKSPACE_MIN_SIZE, &is_verified);
- if ((error != CC_OK) || (is_verified != CC_TRUE))
+ if ((error != CC_OK) || (is_verified != CC_TRUE)) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Signature verification success */
return CRYPTO_SUCCESS;
@@ -233,39 +253,48 @@
end = p + digest_info_len;
rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
/* Get the hash algorithm */
rc = mbedtls_asn1_get_alg(&p, end, &hash_oid, ¶ms);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
rc = mbedtls_oid_get_md_alg(&hash_oid, &md_alg);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
+
/* Verify that hash algorithm is SHA256 */
- if (md_alg != MBEDTLS_MD_SHA256)
+ if (md_alg != MBEDTLS_MD_SHA256) {
return CRYPTO_ERR_HASH;
+ }
/* Hash should be octet string type */
rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
/* Length of hash must match the algorithm's size */
- if (len != HASH_RESULT_SIZE_IN_BYTES)
+ if (len != HASH_RESULT_SIZE_IN_BYTES) {
return CRYPTO_ERR_HASH;
+ }
hash = p;
error = CC_BsvSha256((uintptr_t)PLAT_CRYPTOCELL_BASE, data_ptr,
data_len, pubKeyHash);
- if (error != CC_OK)
+ if (error != CC_OK) {
return CRYPTO_ERR_HASH;
+ }
rc = memcmp(pubKeyHash, hash, HASH_RESULT_SIZE_IN_BYTES);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
return CRYPTO_SUCCESS;
}
diff --git a/drivers/auth/dualroot/cot.c b/drivers/auth/dualroot/cot.c
index 8368503..c89930c 100644
--- a/drivers/auth/dualroot/cot.c
+++ b/drivers/auth/dualroot/cot.c
@@ -1,17 +1,20 @@
/*
- * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
-#include <platform_def.h>
+#include <mbedtls/version.h>
-#include MBEDTLS_CONFIG_FILE
+#include <common/tbbr/cot_def.h>
#include <drivers/auth/auth_mod.h>
+
#include <tools_share/dualroot_oid.h>
+#include <platform_def.h>
+
/*
* Allocate static buffers to store the authentication parameters extracted from
* the certificates.
diff --git a/drivers/auth/mbedtls/mbedtls_common.c b/drivers/auth/mbedtls/mbedtls_common.c
index a12e49c..4f30d82 100644
--- a/drivers/auth/mbedtls/mbedtls_common.c
+++ b/drivers/auth/mbedtls/mbedtls_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -10,10 +10,11 @@
/* mbed TLS headers */
#include <mbedtls/memory_buffer_alloc.h>
#include <mbedtls/platform.h>
+#include <mbedtls/version.h>
#include <common/debug.h>
#include <drivers/auth/mbedtls/mbedtls_common.h>
-#include MBEDTLS_CONFIG_FILE
+
#include <plat/common/platform.h>
static void cleanup(void)
diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk
index ae4b067..79c4512 100644
--- a/drivers/auth/mbedtls/mbedtls_common.mk
+++ b/drivers/auth/mbedtls/mbedtls_common.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2015-2022, Arm Limited. All rights reserved.
+# Copyright (c) 2015-2023, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -15,42 +15,68 @@
MBEDTLS_INC = -I${MBEDTLS_DIR}/include
+MBEDTLS_MAJOR=$(shell grep -hP "define MBEDTLS_VERSION_MAJOR" ${MBEDTLS_DIR}/include/mbedtls/*.h | grep -oe '\([0-9.]*\)')
+MBEDTLS_MINOR=$(shell grep -hP "define MBEDTLS_VERSION_MINOR" ${MBEDTLS_DIR}/include/mbedtls/*.h | grep -oe '\([0-9.]*\)')
+$(info MBEDTLS_VERSION_MAJOR is [${MBEDTLS_MAJOR}] MBEDTLS_VERSION_MINOR is [${MBEDTLS_MINOR}])
+
# Specify mbed TLS configuration file
-MBEDTLS_CONFIG_FILE ?= "<drivers/auth/mbedtls/mbedtls_config.h>"
+ifeq (${MBEDTLS_MAJOR}, 2)
+ MBEDTLS_CONFIG_FILE ?= "<drivers/auth/mbedtls/mbedtls_config-2.h>"
+else ifeq (${MBEDTLS_MAJOR}, 3)
+ MBEDTLS_CONFIG_FILE ?= "<drivers/auth/mbedtls/mbedtls_config-3.h>"
+endif
+
$(eval $(call add_define,MBEDTLS_CONFIG_FILE))
MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_common.c
-
-LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \
- aes.c \
- asn1parse.c \
- asn1write.c \
- cipher.c \
- cipher_wrap.c \
- memory_buffer_alloc.c \
- oid.c \
- platform.c \
- platform_util.c \
- bignum.c \
- gcm.c \
- md.c \
- pk.c \
- pk_wrap.c \
- pkparse.c \
- pkwrite.c \
- sha256.c \
- sha512.c \
- ecdsa.c \
- ecp_curves.c \
- ecp.c \
- rsa.c \
- rsa_internal.c \
- x509.c \
- x509_crt.c \
- constant_time.c \
+LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \
+ aes.c \
+ asn1parse.c \
+ asn1write.c \
+ cipher.c \
+ cipher_wrap.c \
+ constant_time.c \
+ memory_buffer_alloc.c \
+ oid.c \
+ platform.c \
+ platform_util.c \
+ bignum.c \
+ gcm.c \
+ md.c \
+ pk.c \
+ pk_wrap.c \
+ pkparse.c \
+ pkwrite.c \
+ sha256.c \
+ sha512.c \
+ ecdsa.c \
+ ecp_curves.c \
+ ecp.c \
+ rsa.c \
+ x509.c \
+ x509_crt.c \
)
+ifeq (${MBEDTLS_MAJOR}, 2)
+ LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \
+ rsa_internal.c \
+ )
+else ifeq (${MBEDTLS_MAJOR}, 3)
+ LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \
+ bignum_core.c \
+ rsa_alt_helpers.c \
+ hash_info.c \
+ )
+
+ # Currently on Mbedtls-3 there is outstanding bug due to usage
+ # of redundant declaration[1], So disable redundant-decls
+ # compilation flag to avoid compilation error when compiling with
+ # Mbedtls-3.
+ # [1]: https://github.com/Mbed-TLS/mbedtls/issues/6910
+ LIBMBEDTLS_CFLAGS += -Wno-error=redundant-decls
+endif
+
# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
# algorithm to use. If the variable is not defined, select it based on
# algorithm used for key generation `KEY_ALG`. If `KEY_ALG` is not defined,
diff --git a/drivers/auth/mbedtls/mbedtls_crypto.c b/drivers/auth/mbedtls/mbedtls_crypto.c
index 42a0925..4241d21 100644
--- a/drivers/auth/mbedtls/mbedtls_crypto.c
+++ b/drivers/auth/mbedtls/mbedtls_crypto.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,12 +14,13 @@
#include <mbedtls/memory_buffer_alloc.h>
#include <mbedtls/oid.h>
#include <mbedtls/platform.h>
+#include <mbedtls/version.h>
#include <mbedtls/x509.h>
#include <common/debug.h>
#include <drivers/auth/crypto_mod.h>
#include <drivers/auth/mbedtls/mbedtls_common.h>
-#include <drivers/auth/mbedtls/mbedtls_config.h>
+
#include <plat/common/platform.h>
#define LIB_NAME "mbed TLS"
@@ -294,6 +295,7 @@
unsigned char *pt = data_ptr;
size_t dec_len;
int diff, i, rc;
+ size_t output_length __unused;
mbedtls_gcm_init(&ctx);
@@ -303,7 +305,11 @@
goto exit_gcm;
}
+#if (MBEDTLS_VERSION_MAJOR < 3)
rc = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_DECRYPT, iv, iv_len, NULL, 0);
+#else
+ rc = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_DECRYPT, iv, iv_len);
+#endif
if (rc != 0) {
rc = CRYPTO_ERR_DECRYPTION;
goto exit_gcm;
@@ -312,7 +318,12 @@
while (len > 0) {
dec_len = MIN(sizeof(buf), len);
+#if (MBEDTLS_VERSION_MAJOR < 3)
rc = mbedtls_gcm_update(&ctx, dec_len, pt, buf);
+#else
+ rc = mbedtls_gcm_update(&ctx, pt, dec_len, buf, sizeof(buf), &output_length);
+#endif
+
if (rc != 0) {
rc = CRYPTO_ERR_DECRYPTION;
goto exit_gcm;
@@ -323,7 +334,12 @@
len -= dec_len;
}
+#if (MBEDTLS_VERSION_MAJOR < 3)
rc = mbedtls_gcm_finish(&ctx, tag_buf, sizeof(tag_buf));
+#else
+ rc = mbedtls_gcm_finish(&ctx, NULL, 0, &output_length, tag_buf, sizeof(tag_buf));
+#endif
+
if (rc != 0) {
rc = CRYPTO_ERR_DECRYPTION;
goto exit_gcm;
diff --git a/drivers/auth/mbedtls/mbedtls_x509_parser.c b/drivers/auth/mbedtls/mbedtls_x509_parser.c
index bbabd9b..b538c78 100644
--- a/drivers/auth/mbedtls/mbedtls_x509_parser.c
+++ b/drivers/auth/mbedtls/mbedtls_x509_parser.c
@@ -161,7 +161,8 @@
p = (unsigned char *)img;
len = img_len;
- end = p + len;
+ crt_end = p + len;
+ end = crt_end;
/*
* Certificate ::= SEQUENCE {
@@ -171,15 +172,10 @@
*/
ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE);
- if (ret != 0) {
+ if ((ret != 0) || ((p + len) != end)) {
return IMG_PARSER_ERR_FORMAT;
}
- if (len != (size_t)(end - p)) {
- return IMG_PARSER_ERR_FORMAT;
- }
- crt_end = p + len;
-
/*
* TBSCertificate ::= SEQUENCE {
*/
@@ -220,9 +216,6 @@
if (ret != 0) {
return IMG_PARSER_ERR_FORMAT;
}
- if ((end - p) < 1) {
- return IMG_PARSER_ERR_FORMAT;
- }
sig_alg1.len = (p + len) - sig_alg1.p;
p += len;
@@ -288,30 +281,24 @@
/*
* issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
- */
- ret = mbedtls_asn1_get_tag(&p, end, &len,
- MBEDTLS_ASN1_CONTEXT_SPECIFIC |
- MBEDTLS_ASN1_CONSTRUCTED | 1);
- if (ret != 0) {
- if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
- return IMG_PARSER_ERR_FORMAT;
- }
- } else {
- p += len;
- }
-
- /*
* subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
+ * -- technically these contain BIT STRINGs but that is not worth
+ * -- validating
*/
- ret = mbedtls_asn1_get_tag(&p, end, &len,
- MBEDTLS_ASN1_CONTEXT_SPECIFIC |
- MBEDTLS_ASN1_CONSTRUCTED | 2);
- if (ret != 0) {
+ for (int i = 1; i < 3; i++) {
+ ret = mbedtls_asn1_get_tag(&p, end, &len,
+ MBEDTLS_ASN1_CONTEXT_SPECIFIC |
+ MBEDTLS_ASN1_CONSTRUCTED | i);
+ /*
+ * Unique IDs are obsolete, so MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+ * is the common case.
+ */
if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
- return IMG_PARSER_ERR_FORMAT;
+ if (ret != 0) {
+ return IMG_PARSER_ERR_FORMAT;
+ }
+ p += len;
}
- } else {
- p += len;
}
/*
@@ -414,19 +401,14 @@
/*
* signatureValue BIT STRING
+ * } -- must consume all bytes
*/
signature.p = p;
ret = mbedtls_asn1_get_bitstring_null(&p, end, &len);
- if (ret != 0) {
- return IMG_PARSER_ERR_FORMAT;
- }
- signature.len = (p + len) - signature.p;
- p += len;
-
- /* Check certificate length */
- if (p != end) {
+ if ((ret != 0) || ((p + len) != end)) {
return IMG_PARSER_ERR_FORMAT;
}
+ signature.len = end - signature.p;
return IMG_PARSER_OK;
}
diff --git a/drivers/auth/tbbr/tbbr_cot_bl1.c b/drivers/auth/tbbr/tbbr_cot_bl1.c
index 44f8638..21942b4 100644
--- a/drivers/auth/tbbr/tbbr_cot_bl1.c
+++ b/drivers/auth/tbbr/tbbr_cot_bl1.c
@@ -1,22 +1,24 @@
/*
- * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
-#include <platform_def.h>
-#include MBEDTLS_CONFIG_FILE
+#include <mbedtls/version.h>
#include <drivers/auth/auth_mod.h>
#include <drivers/auth/tbbr_cot_common.h>
+
#if USE_TBBR_DEFS
#include <tools_share/tbbr_oid.h>
#else
#include <platform_oid.h>
#endif
+#include <platform_def.h>
+
static auth_param_type_desc_t scp_bl2u_hash = AUTH_PARAM_TYPE_DESC(
AUTH_PARAM_HASH, SCP_FWU_CFG_HASH_OID);
static auth_param_type_desc_t bl2u_hash = AUTH_PARAM_TYPE_DESC(
diff --git a/drivers/auth/tbbr/tbbr_cot_bl1_r64.c b/drivers/auth/tbbr/tbbr_cot_bl1_r64.c
index 78e38f6..236823a 100644
--- a/drivers/auth/tbbr/tbbr_cot_bl1_r64.c
+++ b/drivers/auth/tbbr/tbbr_cot_bl1_r64.c
@@ -1,13 +1,14 @@
/*
- * Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
+#include <mbedtls/version.h>
+
#include <drivers/auth/auth_mod.h>
-#include MBEDTLS_CONFIG_FILE
#include <drivers/auth/tbbr_cot_common.h>
#if USE_TBBR_DEFS
@@ -15,8 +16,8 @@
#else
#include <platform_oid.h>
#endif
-#include <platform_def.h>
+#include <platform_def.h>
static unsigned char trusted_world_pk_buf[PK_DER_LEN];
static unsigned char non_trusted_world_pk_buf[PK_DER_LEN];
diff --git a/drivers/auth/tbbr/tbbr_cot_bl2.c b/drivers/auth/tbbr/tbbr_cot_bl2.c
index 11e2f46..ce2aa7e 100644
--- a/drivers/auth/tbbr/tbbr_cot_bl2.c
+++ b/drivers/auth/tbbr/tbbr_cot_bl2.c
@@ -1,22 +1,24 @@
/*
- * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
-#include <platform_def.h>
-#include MBEDTLS_CONFIG_FILE
+#include <mbedtls/version.h>
#include <drivers/auth/auth_mod.h>
#include <drivers/auth/tbbr_cot_common.h>
+
#if USE_TBBR_DEFS
#include <tools_share/tbbr_oid.h>
#else
#include <platform_oid.h>
#endif
+#include <platform_def.h>
+
static unsigned char soc_fw_hash_buf[HASH_DER_LEN];
static unsigned char tos_fw_hash_buf[HASH_DER_LEN];
static unsigned char tos_fw_extra1_hash_buf[HASH_DER_LEN];
diff --git a/drivers/auth/tbbr/tbbr_cot_common.c b/drivers/auth/tbbr/tbbr_cot_common.c
index 0983d42..8c37248 100644
--- a/drivers/auth/tbbr/tbbr_cot_common.c
+++ b/drivers/auth/tbbr/tbbr_cot_common.c
@@ -1,22 +1,23 @@
/*
- * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
-#include <platform_def.h>
-#include MBEDTLS_CONFIG_FILE
+#include <mbedtls/version.h>
#include <drivers/auth/auth_mod.h>
#include <drivers/auth/tbbr_cot_common.h>
+
#if USE_TBBR_DEFS
#include <tools_share/tbbr_oid.h>
#else
#include <platform_oid.h>
#endif
+#include <platform_def.h>
/*
* The platform must allocate buffers to store the authentication parameters
* extracted from the certificates. In this case, because of the way the CoT is
diff --git a/drivers/ufs/ufs.c b/drivers/ufs/ufs.c
index d8c0a14..6074374 100644
--- a/drivers/ufs/ufs.c
+++ b/drivers/ufs/ufs.c
@@ -225,7 +225,7 @@
}
continue;
}
- assert((mmio_read_32(base + HCS) & HCS_DP) == 0);
+ assert(mmio_read_32(base + HCS) & HCS_DP);
data = mmio_read_32(base + IS);
if (data & UFS_INT_ULSS)
mmio_write_32(base + IS, UFS_INT_ULSS);
@@ -234,42 +234,33 @@
return -EIO;
}
-/* Check Door Bell register to get an empty slot */
-static int get_empty_slot(int *slot)
+/* Read Door Bell register to check if slot zero is available */
+static int is_slot_available(void)
{
- unsigned int data;
- int i;
-
- data = mmio_read_32(ufs_params.reg_base + UTRLDBR);
- for (i = 0; i < nutrs; i++) {
- if ((data & 1) == 0)
- break;
- data = data >> 1;
- }
- if (i >= nutrs)
+ if (mmio_read_32(ufs_params.reg_base + UTRLDBR) & 0x1) {
return -EBUSY;
- *slot = i;
+ }
return 0;
}
static void get_utrd(utp_utrd_t *utrd)
{
uintptr_t base;
- int slot = 0, result;
+ int result;
utrd_header_t *hd;
assert(utrd != NULL);
- result = get_empty_slot(&slot);
+ result = is_slot_available();
assert(result == 0);
/* clear utrd */
memset((void *)utrd, 0, sizeof(utp_utrd_t));
- base = ufs_params.desc_base + (slot * sizeof(utrd_header_t));
+ base = ufs_params.desc_base;
/* clear the descriptor */
memset((void *)base, 0, UFS_DESC_SIZE);
utrd->header = base;
- utrd->task_tag = slot + 1;
+ utrd->task_tag = 1; /* We always use the first slot */
/* CDB address should be aligned with 128 bytes */
utrd->upiu = ALIGN_CDB(utrd->header + sizeof(utrd_header_t));
utrd->resp_upiu = ALIGN_8(utrd->upiu + sizeof(cmd_upiu_t));
@@ -297,7 +288,8 @@
prdt_t *prdt;
unsigned int ulba;
unsigned int lba_cnt;
- int prdt_size;
+ uintptr_t desc_limit;
+ uintptr_t prdt_end;
hd = (utrd_header_t *)utrd->header;
upiu = (cmd_upiu_t *)utrd->upiu;
@@ -351,17 +343,24 @@
assert(0);
break;
}
- if (hd->dd == DD_IN)
+ if (hd->dd == DD_IN) {
flush_dcache_range(buf, length);
- else if (hd->dd == DD_OUT)
+ } else if (hd->dd == DD_OUT) {
inv_dcache_range(buf, length);
+ }
+
+ utrd->prdt_length = 0;
if (length) {
upiu->exp_data_trans_len = htobe32(length);
assert(lba_cnt <= UINT16_MAX);
prdt = (prdt_t *)utrd->prdt;
- prdt_size = 0;
+ desc_limit = ufs_params.desc_base + ufs_params.desc_size;
while (length > 0) {
+ if ((uintptr_t)prdt + sizeof(prdt_t) > desc_limit) {
+ ERROR("UFS: Exceeded descriptor limit. Image is too large\n");
+ panic();
+ }
prdt->dba = (unsigned int)(buf & UINT32_MAX);
prdt->dbau = (unsigned int)((buf >> 32) & UINT32_MAX);
/* prdt->dbc counts from 0 */
@@ -374,14 +373,14 @@
}
buf += MAX_PRDT_SIZE;
prdt++;
- prdt_size += sizeof(prdt_t);
+ utrd->prdt_length++;
}
- utrd->size_prdt = ALIGN_8(prdt_size);
- hd->prdtl = utrd->size_prdt >> 2;
+ hd->prdtl = utrd->prdt_length;
hd->prdto = (utrd->size_upiu + utrd->size_resp_upiu) >> 2;
}
- flush_dcache_range((uintptr_t)utrd->header, UFS_DESC_SIZE);
+ prdt_end = utrd->prdt + utrd->prdt_length * sizeof(prdt_t);
+ flush_dcache_range(utrd->header, prdt_end - utrd->header);
return 0;
}
diff --git a/fdts/morello-soc.dts b/fdts/morello-soc.dts
index 5f147b7..e87b617 100644
--- a/fdts/morello-soc.dts
+++ b/fdts/morello-soc.dts
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -213,6 +213,29 @@
clock-output-names = "aclk";
};
+ gpu@2d000000 {
+ compatible = "arm,mali-bifrost";
+ reg = <0x0 0x2d000000 0x0 0x4000>;
+ interrupts =
+ <GIC_SPI 65 IRQ_TYPE_LEVEL_HIGH>,
+ <GIC_SPI 66 IRQ_TYPE_LEVEL_HIGH>,
+ <GIC_SPI 67 IRQ_TYPE_LEVEL_HIGH>;
+ interrupt-names =
+ "gpu",
+ "job",
+ "mmu";
+ clocks = <&clk_gpu>;
+ clock-names = "clk_mali";
+ status = "okay";
+ };
+
+ clk_gpu: clk_gpu {
+ compatible = "fixed-clock";
+ #clock-cells = <0>;
+ clock-frequency = <650000000>;
+ clock-output-names = "clk_mali";
+ };
+
firmware {
scmi {
compatible = "arm,scmi";
diff --git a/include/arch/aarch32/arch_features.h b/include/arch/aarch32/arch_features.h
index ddf0968..a5a5e27 100644
--- a/include/arch/aarch32/arch_features.h
+++ b/include/arch/aarch32/arch_features.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -10,17 +10,37 @@
#include <stdbool.h>
#include <arch_helpers.h>
+#include <common/feat_detect.h>
+
+#define ISOLATE_FIELD(reg, feat) \
+ ((unsigned int)(((reg) >> (feat ## _SHIFT)) & (feat ## _MASK)))
static inline bool is_armv7_gentimer_present(void)
{
- return ((read_id_pfr1() >> ID_PFR1_GENTIMER_SHIFT) &
- ID_PFR1_GENTIMER_MASK) != 0U;
+ return ISOLATE_FIELD(read_id_pfr1(), ID_PFR1_GENTIMER) != 0U;
}
static inline bool is_armv8_2_ttcnp_present(void)
{
- return ((read_id_mmfr4() >> ID_MMFR4_CNP_SHIFT) &
- ID_MMFR4_CNP_MASK) != 0U;
+ return ISOLATE_FIELD(read_id_mmfr4(), ID_MMFR4_CNP) != 0U;
+}
+
+static inline unsigned int read_feat_trf_id_field(void)
+{
+ return ISOLATE_FIELD(read_id_dfr0(), ID_DFR0_TRACEFILT);
+}
+
+static inline bool is_feat_trf_supported(void)
+{
+ if (ENABLE_TRF_FOR_NS == FEAT_STATE_DISABLED) {
+ return false;
+ }
+
+ if (ENABLE_TRF_FOR_NS == FEAT_STATE_ALWAYS) {
+ return true;
+ }
+
+ return read_feat_trf_id_field() != 0U;
}
#endif /* ARCH_FEATURES_H */
diff --git a/include/arch/aarch64/arch_features.h b/include/arch/aarch64/arch_features.h
index 2b801ac..9ff81aa 100644
--- a/include/arch/aarch64/arch_features.h
+++ b/include/arch/aarch64/arch_features.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -12,6 +12,9 @@
#include <arch_helpers.h>
#include <common/feat_detect.h>
+#define ISOLATE_FIELD(reg, feat) \
+ ((unsigned int)(((reg) >> (feat ## _SHIFT)) & (feat ## _MASK)))
+
static inline bool is_armv7_gentimer_present(void)
{
/* The Generic Timer is always present in an ARMv8-A implementation */
@@ -100,8 +103,7 @@
static unsigned int read_feat_fgt_id_field(void)
{
- return (read_id_aa64mmfr0_el1() >> ID_AA64MMFR0_EL1_FGT_SHIFT) &
- ID_AA64MMFR0_EL1_FGT_MASK;
+ return ISOLATE_FIELD(read_id_aa64mmfr0_el1(), ID_AA64MMFR0_EL1_FGT);
}
static inline bool is_feat_fgt_supported(void)
@@ -134,8 +136,7 @@
******************************************************************************/
static unsigned int read_feat_amu_id_field(void)
{
- return (read_id_aa64pfr0_el1() >> ID_AA64PFR0_AMU_SHIFT) &
- ID_AA64PFR0_AMU_MASK;
+ return ISOLATE_FIELD(read_id_aa64pfr0_el1(), ID_AA64PFR0_AMU);
}
static inline bool is_feat_amu_supported(void)
@@ -175,8 +176,7 @@
static inline unsigned int read_feat_hcx_id_field(void)
{
- return (read_id_aa64mmfr1_el1() >> ID_AA64MMFR1_EL1_HCX_SHIFT) &
- ID_AA64MMFR1_EL1_HCX_MASK;
+ return ISOLATE_FIELD(read_id_aa64mmfr1_el1(), ID_AA64MMFR1_EL1_HCX);
}
static inline bool is_feat_hcx_supported(void)
@@ -268,10 +268,22 @@
/*************************************************************************
* Function to identify the presence of FEAT_TRF (TraceLift)
************************************************************************/
-static inline bool is_arm8_4_feat_trf_present(void)
+static inline unsigned int read_feat_trf_id_field(void)
+{
+ return ISOLATE_FIELD(read_id_aa64dfr0_el1(), ID_AA64DFR0_TRACEFILT);
+}
+
+static inline bool is_feat_trf_supported(void)
{
- return (((read_id_aa64dfr0_el1() >> ID_AA64DFR0_TRACEFILT_SHIFT) &
- ID_AA64DFR0_TRACEFILT_MASK) == ID_AA64DFR0_TRACEFILT_SUPPORTED);
+ if (ENABLE_TRF_FOR_NS == FEAT_STATE_DISABLED) {
+ return false;
+ }
+
+ if (ENABLE_TRF_FOR_NS == FEAT_STATE_ALWAYS) {
+ return true;
+ }
+
+ return read_feat_trf_id_field() != 0U;
}
/********************************************************************************
@@ -288,19 +300,43 @@
* Function to identify the presence of FEAT_BRBE (Branch Record Buffer
* Extension)
******************************************************************************/
-static inline bool is_feat_brbe_present(void)
+static inline unsigned int read_feat_brbe_id_field(void)
{
- return (((read_id_aa64dfr0_el1() >> ID_AA64DFR0_BRBE_SHIFT) &
- ID_AA64DFR0_BRBE_MASK) == ID_AA64DFR0_BRBE_SUPPORTED);
+ return ISOLATE_FIELD(read_id_aa64dfr0_el1(), ID_AA64DFR0_BRBE);
+}
+
+static inline bool is_feat_brbe_supported(void)
+{
+ if (ENABLE_BRBE_FOR_NS == FEAT_STATE_DISABLED) {
+ return false;
+ }
+
+ if (ENABLE_BRBE_FOR_NS == FEAT_STATE_ALWAYS) {
+ return true;
+ }
+
+ return read_feat_brbe_id_field() != 0U;
}
/*******************************************************************************
* Function to identify the presence of FEAT_TRBE (Trace Buffer Extension)
******************************************************************************/
-static inline bool is_feat_trbe_present(void)
+static inline unsigned int read_feat_trbe_id_field(void)
{
- return (((read_id_aa64dfr0_el1() >> ID_AA64DFR0_TRACEBUFFER_SHIFT) &
- ID_AA64DFR0_TRACEBUFFER_MASK) == ID_AA64DFR0_TRACEBUFFER_SUPPORTED);
+ return ISOLATE_FIELD(read_id_aa64dfr0_el1(), ID_AA64DFR0_TRACEBUFFER);
}
+static inline bool is_feat_trbe_supported(void)
+{
+ if (ENABLE_TRBE_FOR_NS == FEAT_STATE_DISABLED) {
+ return false;
+ }
+
+ if (ENABLE_TRBE_FOR_NS == FEAT_STATE_ALWAYS) {
+ return true;
+ }
+
+ return read_feat_trbe_id_field() != 0U;
+
+}
#endif /* ARCH_FEATURES_H */
diff --git a/include/arch/aarch64/arch_helpers.h b/include/arch/aarch64/arch_helpers.h
index 86c1dbe..5d99778 100644
--- a/include/arch/aarch64/arch_helpers.h
+++ b/include/arch/aarch64/arch_helpers.h
@@ -555,6 +555,9 @@
/* Armv8.4 Data Independent Timing Register */
DEFINE_RENAME_SYSREG_RW_FUNCS(dit, DIT)
+/* Armv8.4 FEAT_TRF Register */
+DEFINE_RENAME_SYSREG_RW_FUNCS(trfcr_el2, TRFCR_EL2)
+
/* Armv8.5 MTE Registers */
DEFINE_RENAME_SYSREG_RW_FUNCS(tfsre0_el1, TFSRE0_EL1)
DEFINE_RENAME_SYSREG_RW_FUNCS(tfsr_el1, TFSR_EL1)
diff --git a/include/arch/aarch64/el2_common_macros.S b/include/arch/aarch64/el2_common_macros.S
index 7bf4806..b3b85e6 100644
--- a/include/arch/aarch64/el2_common_macros.S
+++ b/include/arch/aarch64/el2_common_macros.S
@@ -384,13 +384,12 @@
.macro apply_at_speculative_wa
#if ERRATA_SPECULATIVE_AT
/*
- * Explicitly save x30 so as to free up a register and to enable
- * branching and also, save x29 which will be used in the called
- * function
+ * This function expects x30 has been saved.
+ * Also, save x29 which will be used in the called function.
*/
- stp x29, x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
+ str x29, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
bl save_and_update_ptw_el1_sys_regs
- ldp x29, x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
+ ldr x29, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
#endif
.endm
diff --git a/include/arch/aarch64/el3_common_macros.S b/include/arch/aarch64/el3_common_macros.S
index de2b931..7bd927d 100644
--- a/include/arch/aarch64/el3_common_macros.S
+++ b/include/arch/aarch64/el3_common_macros.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023 Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -532,13 +532,12 @@
.macro apply_at_speculative_wa
#if ERRATA_SPECULATIVE_AT
/*
- * Explicitly save x30 so as to free up a register and to enable
- * branching and also, save x29 which will be used in the called
- * function
+ * This function expects x30 has been saved.
+ * Also, save x29 which will be used in the called function.
*/
- stp x29, x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
+ str x29, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
bl save_and_update_ptw_el1_sys_regs
- ldp x29, x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
+ ldr x29, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
#endif
.endm
diff --git a/include/arch/aarch64/smccc_helpers.h b/include/arch/aarch64/smccc_helpers.h
index 920f294..950a811 100644
--- a/include/arch/aarch64/smccc_helpers.h
+++ b/include/arch/aarch64/smccc_helpers.h
@@ -75,6 +75,24 @@
#define SMC_SET_GP(_h, _g, _v) \
write_ctx_reg((get_gpregs_ctx(_h)), (_g), (_v))
+
+/* Useful for SMCCCv1.2 */
+#define SMC_RET18(_h, _x0, _x1, _x2, _x3, _x4, _x5, _x6, _x7, _x8, _x9, \
+ _x10, _x11, _x12, _x13, _x14, _x15, _x16, _x17) { \
+ SMC_SET_GP(_h, CTX_GPREG_X8, _x8); \
+ SMC_SET_GP(_h, CTX_GPREG_X9, _x9); \
+ SMC_SET_GP(_h, CTX_GPREG_X10, _x10); \
+ SMC_SET_GP(_h, CTX_GPREG_X11, _x11); \
+ SMC_SET_GP(_h, CTX_GPREG_X12, _x12); \
+ SMC_SET_GP(_h, CTX_GPREG_X13, _x13); \
+ SMC_SET_GP(_h, CTX_GPREG_X14, _x14); \
+ SMC_SET_GP(_h, CTX_GPREG_X15, _x15); \
+ SMC_SET_GP(_h, CTX_GPREG_X16, _x16); \
+ SMC_SET_GP(_h, CTX_GPREG_X17, _x17); \
+ SMC_RET8(_h, (_x0), (_x1), (_x2), (_x3), (_x4), (_x5), (_x6), \
+ (_x7)); \
+}
+
/*
* Convenience macros to access EL3 context registers using handle provided to
* SMC handler. These take the offset values defined in context.h
diff --git a/include/common/bl_common.ld.h b/include/common/bl_common.ld.h
index 080e331..c9bed1a 100644
--- a/include/common/bl_common.ld.h
+++ b/include/common/bl_common.ld.h
@@ -24,7 +24,7 @@
#define CPU_OPS \
. = ALIGN(STRUCT_ALIGN); \
__CPU_OPS_START__ = .; \
- KEEP(*(cpu_ops)) \
+ KEEP(*(.cpu_ops)) \
__CPU_OPS_END__ = .;
#define PARSER_LIB_DESCS \
@@ -36,14 +36,14 @@
#define RT_SVC_DESCS \
. = ALIGN(STRUCT_ALIGN); \
__RT_SVC_DESCS_START__ = .; \
- KEEP(*(rt_svc_descs)) \
+ KEEP(*(.rt_svc_descs)) \
__RT_SVC_DESCS_END__ = .;
#if SPMC_AT_EL3
#define EL3_LP_DESCS \
. = ALIGN(STRUCT_ALIGN); \
__EL3_LP_DESCS_START__ = .; \
- KEEP(*(el3_lp_descs)) \
+ KEEP(*(.el3_lp_descs)) \
__EL3_LP_DESCS_END__ = .;
#else
#define EL3_LP_DESCS
@@ -52,7 +52,7 @@
#define PMF_SVC_DESCS \
. = ALIGN(STRUCT_ALIGN); \
__PMF_SVC_DESCS_START__ = .; \
- KEEP(*(pmf_svc_descs)) \
+ KEEP(*(.pmf_svc_descs)) \
__PMF_SVC_DESCS_END__ = .;
#define FCONF_POPULATOR \
@@ -81,7 +81,7 @@
#define BASE_XLAT_TABLE \
. = ALIGN(16); \
__BASE_XLAT_TABLE_START__ = .; \
- *(base_xlat_table) \
+ *(.base_xlat_table) \
__BASE_XLAT_TABLE_END__ = .;
#if PLAT_RO_XLAT_TABLES
@@ -135,9 +135,9 @@
#if !(defined(IMAGE_BL31) && RECLAIM_INIT_CODE)
#define STACK_SECTION \
- stacks (NOLOAD) : { \
+ .stacks (NOLOAD) : { \
__STACKS_START__ = .; \
- *(tzfw_normal_stacks) \
+ *(.tzfw_normal_stacks) \
__STACKS_END__ = .; \
}
#endif
@@ -170,7 +170,7 @@
. = ALIGN(CACHE_WRITEBACK_GRANULE); \
__BAKERY_LOCK_START__ = .; \
__PERCPU_BAKERY_LOCK_START__ = .; \
- *(bakery_lock) \
+ *(.bakery_lock) \
. = ALIGN(CACHE_WRITEBACK_GRANULE); \
__PERCPU_BAKERY_LOCK_END__ = .; \
__PERCPU_BAKERY_LOCK_SIZE__ = ABSOLUTE(__PERCPU_BAKERY_LOCK_END__ - __PERCPU_BAKERY_LOCK_START__); \
@@ -191,7 +191,7 @@
#define PMF_TIMESTAMP \
. = ALIGN(CACHE_WRITEBACK_GRANULE); \
__PMF_TIMESTAMP_START__ = .; \
- KEEP(*(pmf_timestamp_array)) \
+ KEEP(*(.pmf_timestamp_array)) \
. = ALIGN(CACHE_WRITEBACK_GRANULE); \
__PMF_PERCPU_TIMESTAMP_END__ = .; \
__PERCPU_TIMESTAMP_SIZE__ = ABSOLUTE(. - __PMF_TIMESTAMP_START__); \
@@ -216,15 +216,15 @@
}
/*
- * The xlat_table section is for full, aligned page tables (4K).
+ * The .xlat_table section is for full, aligned page tables (4K).
* Removing them from .bss avoids forcing 4K alignment on
* the .bss section. The tables are initialized to zero by the translation
* tables library.
*/
#define XLAT_TABLE_SECTION \
- xlat_table (NOLOAD) : { \
+ .xlat_table (NOLOAD) : { \
__XLAT_TABLE_START__ = .; \
- *(xlat_table) \
+ *(.xlat_table) \
__XLAT_TABLE_END__ = .; \
}
diff --git a/include/common/debug.h b/include/common/debug.h
index af47999..5ea541d 100644
--- a/include/common/debug.h
+++ b/include/common/debug.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -99,15 +99,31 @@
#define backtrace(x)
#endif
-void __dead2 do_panic(void);
+void __dead2 el3_panic(void);
+void __dead2 elx_panic(void);
#define panic() \
do { \
backtrace(__func__); \
console_flush(); \
- do_panic(); \
+ el3_panic(); \
} while (false)
+#if CRASH_REPORTING
+/* --------------------------------------------------------------------
+ * do_lower_el_panic assumes it's called due to a panic from a lower EL
+ * This call will not return.
+ * --------------------------------------------------------------------
+ */
+#define lower_el_panic() \
+ do { \
+ console_flush(); \
+ elx_panic(); \
+ } while (false)
+#else
+#define lower_el_panic()
+#endif
+
/* Function called when stack protection check code detects a corrupted stack */
void __dead2 __stack_chk_fail(void);
diff --git a/include/common/interrupt_props.h b/include/common/interrupt_props.h
index 07bafaa..681c896 100644
--- a/include/common/interrupt_props.h
+++ b/include/common/interrupt_props.h
@@ -19,7 +19,7 @@
}
typedef struct interrupt_prop {
- unsigned int intr_num:10;
+ unsigned int intr_num:13;
unsigned int intr_pri:8;
unsigned int intr_grp:2;
unsigned int intr_cfg:2;
diff --git a/include/common/runtime_svc.h b/include/common/runtime_svc.h
index 472a32a..4793e2f 100644
--- a/include/common/runtime_svc.h
+++ b/include/common/runtime_svc.h
@@ -72,7 +72,7 @@
*/
#define DECLARE_RT_SVC(_name, _start, _end, _type, _setup, _smch) \
static const rt_svc_desc_t __svc_desc_ ## _name \
- __section("rt_svc_descs") __used = { \
+ __section(".rt_svc_descs") __used = { \
.start_oen = (_start), \
.end_oen = (_end), \
.call_type = (_type), \
diff --git a/include/common/tbbr/cot_def.h b/include/common/tbbr/cot_def.h
index 60dfb8a..7823ff3 100644
--- a/include/common/tbbr/cot_def.h
+++ b/include/common/tbbr/cot_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,9 +7,7 @@
#ifndef COT_DEF_H
#define COT_DEF_H
-#ifdef MBEDTLS_CONFIG_FILE
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include <mbedtls/version.h>
/* TBBR CoT definitions */
#if defined(SPD_spmd)
diff --git a/include/drivers/auth/auth_mod.h b/include/drivers/auth/auth_mod.h
index 94537f6..28aa407 100644
--- a/include/drivers/auth/auth_mod.h
+++ b/include/drivers/auth/auth_mod.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,7 +7,6 @@
#ifndef AUTH_MOD_H
#define AUTH_MOD_H
-#include <common/tbbr/cot_def.h>
#include <common/tbbr/tbbr_img_def.h>
#include <drivers/auth/auth_common.h>
#include <drivers/auth/img_parser_mod.h>
diff --git a/include/drivers/auth/mbedtls/mbedtls_config.h b/include/drivers/auth/mbedtls/mbedtls_config-2.h
similarity index 100%
rename from include/drivers/auth/mbedtls/mbedtls_config.h
rename to include/drivers/auth/mbedtls/mbedtls_config-2.h
diff --git a/include/drivers/auth/mbedtls/mbedtls_config-3.h b/include/drivers/auth/mbedtls/mbedtls_config-3.h
new file mode 100644
index 0000000..ba936a3
--- /dev/null
+++ b/include/drivers/auth/mbedtls/mbedtls_config-3.h
@@ -0,0 +1,153 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/**
+ * This set of compile-time options may be used to enable
+ * or disable features selectively, and reduce the global
+ * memory footprint.
+ */
+
+/*
+ * Key algorithms currently supported on mbed TLS libraries
+ */
+#define TF_MBEDTLS_RSA 1
+#define TF_MBEDTLS_ECDSA 2
+#define TF_MBEDTLS_RSA_AND_ECDSA 3
+
+#define TF_MBEDTLS_USE_RSA (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA \
+ || TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA)
+#define TF_MBEDTLS_USE_ECDSA (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA \
+ || TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA)
+
+/*
+ * Hash algorithms currently supported on mbed TLS libraries
+ */
+#define TF_MBEDTLS_SHA256 1
+#define TF_MBEDTLS_SHA384 2
+#define TF_MBEDTLS_SHA512 3
+
+/*
+ * Configuration file to build mbed TLS with the required features for
+ * Trusted Boot
+ */
+
+#define MBEDTLS_PLATFORM_MEMORY
+#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+/* Prevent mbed TLS from using snprintf so that it can use tf_snprintf. */
+#define MBEDTLS_PLATFORM_SNPRINTF_ALT
+
+#define MBEDTLS_PKCS1_V21
+
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_BIGNUM_C
+
+#define MBEDTLS_ERROR_C
+#define MBEDTLS_MD_C
+
+#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+#define MBEDTLS_OID_C
+
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PK_WRITE_C
+
+#define MBEDTLS_PLATFORM_C
+
+#if TF_MBEDTLS_USE_ECDSA
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#endif
+#if TF_MBEDTLS_USE_RSA
+#define MBEDTLS_RSA_C
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
+#endif
+
+/* The library does not currently support enabling SHA-256 without SHA-224. */
+#define MBEDTLS_SHA224_C
+#define MBEDTLS_SHA256_C
+/*
+ * If either Trusted Boot or Measured Boot require a stronger algorithm than
+ * SHA-256, pull in SHA-512 support. Library currently needs to have SHA_384
+ * support when enabling SHA-512.
+ */
+#if (TF_MBEDTLS_HASH_ALG_ID != TF_MBEDTLS_SHA256) /* TBB hash algo */
+#define MBEDTLS_SHA384_C
+#define MBEDTLS_SHA512_C
+#else
+ /* TBB uses SHA-256, what about measured boot? */
+#if defined(TF_MBEDTLS_MBOOT_USE_SHA512)
+#define MBEDTLS_SHA384_C
+#define MBEDTLS_SHA512_C
+#endif
+#endif
+
+#define MBEDTLS_VERSION_C
+
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_X509_CRT_PARSE_C
+
+#if TF_MBEDTLS_USE_AES_GCM
+#define MBEDTLS_AES_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_GCM_C
+#endif
+
+/* MPI / BIGNUM options */
+#define MBEDTLS_MPI_WINDOW_SIZE 2
+
+#if TF_MBEDTLS_USE_RSA
+#if TF_MBEDTLS_KEY_SIZE <= 2048
+#define MBEDTLS_MPI_MAX_SIZE 256
+#else
+#define MBEDTLS_MPI_MAX_SIZE 512
+#endif
+#else
+#define MBEDTLS_MPI_MAX_SIZE 256
+#endif
+
+/* Memory buffer allocator options */
+#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 8
+
+/*
+ * Prevent the use of 128-bit division which
+ * creates dependency on external libraries.
+ */
+#define MBEDTLS_NO_UDBL_DIVISION
+
+#ifndef __ASSEMBLER__
+/* System headers required to build mbed TLS with the current configuration */
+#include <stdlib.h>
+#include <mbedtls/check_config.h>
+#endif
+
+/*
+ * Determine Mbed TLS heap size
+ * 13312 = 13*1024
+ * 11264 = 11*1024
+ * 7168 = 7*1024
+ */
+#if TF_MBEDTLS_USE_ECDSA
+#define TF_MBEDTLS_HEAP_SIZE U(13312)
+#elif TF_MBEDTLS_USE_RSA
+#if TF_MBEDTLS_KEY_SIZE <= 2048
+#define TF_MBEDTLS_HEAP_SIZE U(7168)
+#else
+#define TF_MBEDTLS_HEAP_SIZE U(11264)
+#endif
+#endif
+
+/*
+ * Warn if errors from certain functions are ignored.
+ *
+ * The warnings are always enabled (where supported) for critical functions
+ * where ignoring the return value is almost always a bug. This macro extends
+ * the warnings to more functions.
+ */
+#define MBEDTLS_CHECK_RETURN_WARNING
diff --git a/include/drivers/auth/tbbr_cot_common.h b/include/drivers/auth/tbbr_cot_common.h
index a51faee..b4f2d22 100644
--- a/include/drivers/auth/tbbr_cot_common.h
+++ b/include/drivers/auth/tbbr_cot_common.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020,2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,6 +7,7 @@
#ifndef TBBR_COT_COMMON_H
#define TBBR_COT_COMMON_H
+#include <common/tbbr/cot_def.h>
#include <drivers/auth/auth_mod.h>
extern unsigned char tb_fw_hash_buf[HASH_DER_LEN];
diff --git a/include/drivers/ufs.h b/include/drivers/ufs.h
index 1cd1bee..e4ec00d 100644
--- a/include/drivers/ufs.h
+++ b/include/drivers/ufs.h
@@ -519,7 +519,7 @@
uintptr_t prdt;
size_t size_upiu;
size_t size_resp_upiu;
- size_t size_prdt;
+ size_t prdt_length;
int task_tag;
} utp_utrd_t;
diff --git a/include/lib/bakery_lock.h b/include/lib/bakery_lock.h
index 1fece01..2cf2b44 100644
--- a/include/lib/bakery_lock.h
+++ b/include/lib/bakery_lock.h
@@ -96,7 +96,7 @@
void bakery_lock_get(bakery_lock_t *bakery);
void bakery_lock_release(bakery_lock_t *bakery);
-#define DEFINE_BAKERY_LOCK(_name) bakery_lock_t _name __section("bakery_lock")
+#define DEFINE_BAKERY_LOCK(_name) bakery_lock_t _name __section(".bakery_lock")
#define DECLARE_BAKERY_LOCK(_name) extern bakery_lock_t _name
diff --git a/include/lib/cpus/aarch32/cpu_macros.S b/include/lib/cpus/aarch32/cpu_macros.S
index a5ae6a4..1f03f09 100644
--- a/include/lib/cpus/aarch32/cpu_macros.S
+++ b/include/lib/cpus/aarch32/cpu_macros.S
@@ -129,7 +129,7 @@
*/
.macro declare_cpu_ops _name:req, _midr:req, _resetfunc:req, \
_power_down_ops:vararg
- .section cpu_ops, "a"
+ .section .cpu_ops, "a"
.align 2
.type cpu_ops_\_name, %object
.word \_midr
diff --git a/include/lib/cpus/aarch64/cpu_macros.S b/include/lib/cpus/aarch64/cpu_macros.S
index 92e65ae..041be51 100644
--- a/include/lib/cpus/aarch64/cpu_macros.S
+++ b/include/lib/cpus/aarch64/cpu_macros.S
@@ -157,7 +157,7 @@
*/
.macro declare_cpu_ops_base _name:req, _midr:req, _resetfunc:req, \
_extra1:req, _extra2:req, _extra3:req, _e_handler:req, _power_down_ops:vararg
- .section cpu_ops, "a"
+ .section .cpu_ops, "a"
.align 3
.type cpu_ops_\_name, %object
.quad \_midr
diff --git a/include/lib/el3_runtime/aarch64/context.h b/include/lib/el3_runtime/aarch64/context.h
index 6986e0e..57cf5f0 100644
--- a/include/lib/el3_runtime/aarch64/context.h
+++ b/include/lib/el3_runtime/aarch64/context.h
@@ -539,10 +539,6 @@
void el2_sysregs_context_save_nv2(el2_sysregs_t *regs);
void el2_sysregs_context_restore_nv2(el2_sysregs_t *regs);
#endif /* CTX_INCLUDE_NEVE_REGS */
-#if ENABLE_TRF_FOR_NS
-void el2_sysregs_context_save_trf(el2_sysregs_t *regs);
-void el2_sysregs_context_restore_trf(el2_sysregs_t *regs);
-#endif /* ENABLE_TRF_FOR_NS */
#if ENABLE_FEAT_CSV2_2
void el2_sysregs_context_save_csv2(el2_sysregs_t *regs);
void el2_sysregs_context_restore_csv2(el2_sysregs_t *regs);
diff --git a/include/lib/el3_runtime/pubsub.h b/include/lib/el3_runtime/pubsub.h
index 64fe5cc..cbd8ecc 100644
--- a/include/lib/el3_runtime/pubsub.h
+++ b/include/lib/el3_runtime/pubsub.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -12,7 +12,7 @@
/* For the linker ... */
#define __pubsub_start_sym(event) __pubsub_##event##_start
#define __pubsub_end_sym(event) __pubsub_##event##_end
-#define __pubsub_section(event) __pubsub_##event
+#define __pubsub_section(event) .__pubsub_##event
/*
* REGISTER_PUBSUB_EVENT has a different definition between linker and compiler
@@ -54,7 +54,7 @@
#define __pubsub_end_sym(event) __pubsub_##event##_end
#endif
-#define __pubsub_section(event) __section("__pubsub_" #event)
+#define __pubsub_section(event) __section(".__pubsub_" #event)
/*
* In compiler context, REGISTER_PUBSUB_EVENT declares the per-event symbols
diff --git a/include/lib/extensions/brbe.h b/include/lib/extensions/brbe.h
index aac1ace..aee208d 100644
--- a/include/lib/extensions/brbe.h
+++ b/include/lib/extensions/brbe.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,6 +7,12 @@
#ifndef BRBE_H
#define BRBE_H
+#if ENABLE_BRBE_FOR_NS
void brbe_enable(void);
+#else
+void brbe_enable(void)
+{
+}
+#endif /* ENABLE_BRBE_FOR_NS */
#endif /* BRBE_H */
diff --git a/include/lib/extensions/trbe.h b/include/lib/extensions/trbe.h
index 1753ab6..0eff7c4 100644
--- a/include/lib/extensions/trbe.h
+++ b/include/lib/extensions/trbe.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,6 +7,12 @@
#ifndef TRBE_H
#define TRBE_H
+#if ENABLE_TRBE_FOR_NS
void trbe_enable(void);
+#else
+void trbe_enable(void)
+{
+}
+#endif /* ENABLE_TRBE_FOR_NS */
#endif /* TRBE_H */
diff --git a/include/lib/extensions/trf.h b/include/lib/extensions/trf.h
index 18f17f3..a440abd 100644
--- a/include/lib/extensions/trf.h
+++ b/include/lib/extensions/trf.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,6 +7,12 @@
#ifndef TRF_H
#define TRF_H
+#if ENABLE_TRF_FOR_NS
void trf_enable(void);
+#else
+void trf_enable(void)
+{
+}
+#endif /* ENABLE_TRF_FOR_NS */
#endif /* TRF_H */
diff --git a/include/lib/pmf/pmf_helpers.h b/include/lib/pmf/pmf_helpers.h
index b49c6da..01cc179 100644
--- a/include/lib/pmf/pmf_helpers.h
+++ b/include/lib/pmf/pmf_helpers.h
@@ -154,7 +154,7 @@
extern unsigned long long pmf_ts_mem_ ## _name[_total_id]; \
unsigned long long pmf_ts_mem_ ## _name[_total_id] \
__aligned(CACHE_WRITEBACK_GRANULE) \
- __section("pmf_timestamp_array") \
+ __section(".pmf_timestamp_array") \
__used;
/*
@@ -225,7 +225,7 @@
#define PMF_DEFINE_SERVICE_DESC(_name, _implid, _svcid, _totalid, \
_init, _getts_by_mpidr) \
static const pmf_svc_desc_t __pmf_desc_ ## _name \
- __section("pmf_svc_descs") __used = { \
+ __section(".pmf_svc_descs") __used = { \
.h.type = PARAM_EP, \
.h.version = VERSION_1, \
.h.size = sizeof(pmf_svc_desc_t), \
diff --git a/include/lib/xlat_tables/xlat_tables_v2.h b/include/lib/xlat_tables/xlat_tables_v2.h
index 69ad027..4d16ced 100644
--- a/include/lib/xlat_tables/xlat_tables_v2.h
+++ b/include/lib/xlat_tables/xlat_tables_v2.h
@@ -203,7 +203,7 @@
(_virt_addr_space_size), \
(_phy_addr_space_size), \
EL_REGIME_INVALID, \
- "xlat_table", "base_xlat_table")
+ ".xlat_table", ".base_xlat_table")
/*
* Same as REGISTER_XLAT_CONTEXT plus the additional parameters:
diff --git a/include/plat/arm/common/arm_def.h b/include/plat/arm/common/arm_def.h
index 7cd32b1..38793cd 100644
--- a/include/plat/arm/common/arm_def.h
+++ b/include/plat/arm/common/arm_def.h
@@ -109,7 +109,7 @@
/*
* Define a region within the TZC secured DRAM for use by EL3 runtime
* firmware. This region is meant to be NOLOAD and will not be zero
- * initialized. Data sections with the attribute `arm_el3_tzc_dram` will be
+ * initialized. Data sections with the attribute `.arm_el3_tzc_dram` will be
* placed here. 3MB region is reserved if RME is enabled, 2MB otherwise.
*/
#define ARM_EL3_TZC_DRAM1_SIZE UL(0x00300000) /* 3MB */
diff --git a/include/plat/arm/common/arm_reclaim_init.ld.S b/include/plat/arm/common/arm_reclaim_init.ld.S
index 788e9ff..a77c964 100644
--- a/include/plat/arm/common/arm_reclaim_init.ld.S
+++ b/include/plat/arm/common/arm_reclaim_init.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -26,9 +26,9 @@
#define ABS ABSOLUTE
#define STACK_SECTION \
- stacks (NOLOAD) : { \
+ .stacks (NOLOAD) : { \
__STACKS_START__ = .; \
- *(tzfw_normal_stacks) \
+ *(.tzfw_normal_stacks) \
__STACKS_END__ = .; \
/* Allow room for the init section where necessary. */ \
OFFSET = ABS(SIZEOF(.init) - (. - __STACKS_START__)); \
diff --git a/include/plat/arm/common/arm_tzc_dram.ld.S b/include/plat/arm/common/arm_tzc_dram.ld.S
index 6dcea0b..c790bb9 100644
--- a/include/plat/arm/common/arm_tzc_dram.ld.S
+++ b/include/plat/arm/common/arm_tzc_dram.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -17,9 +17,9 @@
. = ARM_EL3_TZC_DRAM1_BASE;
ASSERT(. == ALIGN(PAGE_SIZE),
"ARM_EL3_TZC_DRAM_BASE address is not aligned on a page boundary.")
- el3_tzc_dram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .el3_tzc_dram (NOLOAD) : ALIGN(PAGE_SIZE) {
__EL3_SEC_DRAM_START__ = .;
- *(arm_el3_tzc_dram)
+ *(.arm_el3_tzc_dram)
__EL3_SEC_DRAM_UNALIGNED_END__ = .;
. = ALIGN(PAGE_SIZE);
diff --git a/include/services/el3_spmc_logical_sp.h b/include/services/el3_spmc_logical_sp.h
index 7ec9958..5ce33ed 100644
--- a/include/services/el3_spmc_logical_sp.h
+++ b/include/services/el3_spmc_logical_sp.h
@@ -35,7 +35,7 @@
#define DECLARE_LOGICAL_PARTITION(_name, _init, _sp_id, _uuid, _properties, \
_direct_req) \
static const struct el3_lp_desc __partition_desc_ ## _name \
- __section("el3_lp_descs") __used = { \
+ __section(".el3_lp_descs") __used = { \
.debug_name = #_name, \
.init = (_init), \
.sp_id = (_sp_id), \
diff --git a/include/services/ffa_svc.h b/include/services/ffa_svc.h
index da016fd..8bc911a 100644
--- a/include/services/ffa_svc.h
+++ b/include/services/ffa_svc.h
@@ -24,7 +24,7 @@
/* The macros below are used to identify FFA calls from the SMC function ID */
#define FFA_FNUM_MIN_VALUE U(0x60)
-#define FFA_FNUM_MAX_VALUE U(0x87)
+#define FFA_FNUM_MAX_VALUE U(0x8B)
#define is_ffa_fid(fid) __extension__ ({ \
__typeof__(fid) _fid = (fid); \
((GET_SMC_NUM(_fid) >= FFA_FNUM_MIN_VALUE) && \
@@ -117,6 +117,7 @@
#define FFA_FNUM_SPM_ID_GET U(0x85)
#define FFA_FNUM_MSG_SEND2 U(0x86)
#define FFA_FNUM_SECONDARY_EP_REGISTER U(0x87)
+#define FFA_FNUM_PARTITION_INFO_GET_REGS U(0x8B)
/* FFA SMC32 FIDs */
#define FFA_ERROR FFA_FID(SMC_32, FFA_FNUM_ERROR)
@@ -180,6 +181,8 @@
FFA_FID(SMC_64, FFA_FNUM_SECONDARY_EP_REGISTER)
#define FFA_NOTIFICATION_INFO_GET_SMC64 \
FFA_FID(SMC_64, FFA_FNUM_NOTIFICATION_INFO_GET)
+#define FFA_PARTITION_INFO_GET_REGS_SMC64 \
+ FFA_FID(SMC_64, FFA_FNUM_PARTITION_INFO_GET_REGS)
/*
* FF-A partition properties values.
diff --git a/lib/el3_runtime/aarch32/context_mgmt.c b/lib/el3_runtime/aarch32/context_mgmt.c
index af8edf5..e494a86 100644
--- a/lib/el3_runtime/aarch32/context_mgmt.c
+++ b/lib/el3_runtime/aarch32/context_mgmt.c
@@ -11,6 +11,7 @@
#include <platform_def.h>
#include <arch.h>
+#include <arch_features.h>
#include <arch_helpers.h>
#include <common/bl_common.h>
#include <context.h>
@@ -143,9 +144,9 @@
sys_reg_trace_enable();
#endif /* ENABLE_SYS_REG_TRACE_FOR_NS */
-#if ENABLE_TRF_FOR_NS
- trf_enable();
-#endif /* ENABLE_TRF_FOR_NS */
+ if (is_feat_trf_supported()) {
+ trf_enable();
+ }
#endif
}
diff --git a/lib/el3_runtime/aarch64/context.S b/lib/el3_runtime/aarch64/context.S
index 722b8ae..d439148 100644
--- a/lib/el3_runtime/aarch64/context.S
+++ b/lib/el3_runtime/aarch64/context.S
@@ -41,10 +41,6 @@
.global el2_sysregs_context_save_nv2
.global el2_sysregs_context_restore_nv2
#endif /* CTX_INCLUDE_NEVE_REGS */
-#if ENABLE_TRF_FOR_NS
- .global el2_sysregs_context_save_trf
- .global el2_sysregs_context_restore_trf
-#endif /* ENABLE_TRF_FOR_NS */
#if ENABLE_FEAT_CSV2_2
.global el2_sysregs_context_save_csv2
.global el2_sysregs_context_restore_csv2
@@ -536,26 +532,6 @@
endfunc el2_sysregs_context_restore_nv2
#endif /* CTX_INCLUDE_NEVE_REGS */
-#if ENABLE_TRF_FOR_NS
-func el2_sysregs_context_save_trf
- /*
- * TRFCR_EL2 register is saved only when FEAT_TRF is supported.
- */
- mrs x12, TRFCR_EL2
- str x12, [x0, #CTX_TRFCR_EL2]
- ret
-endfunc el2_sysregs_context_save_trf
-
-func el2_sysregs_context_restore_trf
- /*
- * TRFCR_EL2 register is restored only when FEAT_TRF is supported.
- */
- ldr x12, [x0, #CTX_TRFCR_EL2]
- msr TRFCR_EL2, x12
- ret
-endfunc el2_sysregs_context_restore_trf
-#endif /* ENABLE_TRF_FOR_NS */
-
#if ENABLE_FEAT_CSV2_2
func el2_sysregs_context_save_csv2
/*
diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c
index dab25d6..4d2079d 100644
--- a/lib/el3_runtime/aarch64/context_mgmt.c
+++ b/lib/el3_runtime/aarch64/context_mgmt.c
@@ -495,21 +495,21 @@
mpam_enable(el2_unused);
#endif
-#if ENABLE_TRBE_FOR_NS
- trbe_enable();
-#endif /* ENABLE_TRBE_FOR_NS */
+ if (is_feat_trbe_supported()) {
+ trbe_enable();
+ }
-#if ENABLE_BRBE_FOR_NS
- brbe_enable();
-#endif /* ENABLE_BRBE_FOR_NS */
+ if (is_feat_brbe_supported()) {
+ brbe_enable();
+ }
#if ENABLE_SYS_REG_TRACE_FOR_NS
sys_reg_trace_enable(ctx);
#endif /* ENABLE_SYS_REG_TRACE_FOR_NS */
-#if ENABLE_TRF_FOR_NS
- trf_enable();
-#endif /* ENABLE_TRF_FOR_NS */
+ if (is_feat_trf_supported()) {
+ trf_enable();
+ }
#endif
}
@@ -805,30 +805,26 @@
static void el2_sysregs_context_save_fgt(el2_sysregs_t *ctx)
{
- if (is_feat_fgt_supported()) {
- write_ctx_reg(ctx, CTX_HDFGRTR_EL2, read_hdfgrtr_el2());
- if (is_feat_amu_supported()) {
- write_ctx_reg(ctx, CTX_HAFGRTR_EL2, read_hafgrtr_el2());
- }
- write_ctx_reg(ctx, CTX_HDFGWTR_EL2, read_hdfgwtr_el2());
- write_ctx_reg(ctx, CTX_HFGITR_EL2, read_hfgitr_el2());
- write_ctx_reg(ctx, CTX_HFGRTR_EL2, read_hfgrtr_el2());
- write_ctx_reg(ctx, CTX_HFGWTR_EL2, read_hfgwtr_el2());
+ write_ctx_reg(ctx, CTX_HDFGRTR_EL2, read_hdfgrtr_el2());
+ if (is_feat_amu_supported()) {
+ write_ctx_reg(ctx, CTX_HAFGRTR_EL2, read_hafgrtr_el2());
}
+ write_ctx_reg(ctx, CTX_HDFGWTR_EL2, read_hdfgwtr_el2());
+ write_ctx_reg(ctx, CTX_HFGITR_EL2, read_hfgitr_el2());
+ write_ctx_reg(ctx, CTX_HFGRTR_EL2, read_hfgrtr_el2());
+ write_ctx_reg(ctx, CTX_HFGWTR_EL2, read_hfgwtr_el2());
}
static void el2_sysregs_context_restore_fgt(el2_sysregs_t *ctx)
{
- if (is_feat_fgt_supported()) {
- write_hdfgrtr_el2(read_ctx_reg(ctx, CTX_HDFGRTR_EL2));
- if (is_feat_amu_supported()) {
- write_hafgrtr_el2(read_ctx_reg(ctx, CTX_HAFGRTR_EL2));
- }
- write_hdfgwtr_el2(read_ctx_reg(ctx, CTX_HDFGWTR_EL2));
- write_hfgitr_el2(read_ctx_reg(ctx, CTX_HFGITR_EL2));
- write_hfgrtr_el2(read_ctx_reg(ctx, CTX_HFGRTR_EL2));
- write_hfgwtr_el2(read_ctx_reg(ctx, CTX_HFGWTR_EL2));
+ write_hdfgrtr_el2(read_ctx_reg(ctx, CTX_HDFGRTR_EL2));
+ if (is_feat_amu_supported()) {
+ write_hafgrtr_el2(read_ctx_reg(ctx, CTX_HAFGRTR_EL2));
}
+ write_hdfgwtr_el2(read_ctx_reg(ctx, CTX_HDFGWTR_EL2));
+ write_hfgitr_el2(read_ctx_reg(ctx, CTX_HFGITR_EL2));
+ write_hfgrtr_el2(read_ctx_reg(ctx, CTX_HFGRTR_EL2));
+ write_hfgwtr_el2(read_ctx_reg(ctx, CTX_HFGWTR_EL2));
}
/*******************************************************************************
@@ -863,7 +859,9 @@
el2_sysregs_context_save_mpam(el2_sysregs_ctx);
#endif
- el2_sysregs_context_save_fgt(el2_sysregs_ctx);
+ if (is_feat_fgt_supported()) {
+ el2_sysregs_context_save_fgt(el2_sysregs_ctx);
+ }
#if ENABLE_FEAT_ECV
el2_sysregs_context_save_ecv(el2_sysregs_ctx);
@@ -877,9 +875,9 @@
#if CTX_INCLUDE_NEVE_REGS
el2_sysregs_context_save_nv2(el2_sysregs_ctx);
#endif
-#if ENABLE_TRF_FOR_NS
- el2_sysregs_context_save_trf(el2_sysregs_ctx);
-#endif
+ if (is_feat_trf_supported()) {
+ write_ctx_reg(el2_sysregs_ctx, CTX_TRFCR_EL2, read_trfcr_el2());
+ }
#if ENABLE_FEAT_CSV2_2
el2_sysregs_context_save_csv2(el2_sysregs_ctx);
#endif
@@ -921,7 +919,9 @@
el2_sysregs_context_restore_mpam(el2_sysregs_ctx);
#endif
- el2_sysregs_context_restore_fgt(el2_sysregs_ctx);
+ if (is_feat_fgt_supported()) {
+ el2_sysregs_context_restore_fgt(el2_sysregs_ctx);
+ }
#if ENABLE_FEAT_ECV
el2_sysregs_context_restore_ecv(el2_sysregs_ctx);
@@ -935,9 +935,9 @@
#if CTX_INCLUDE_NEVE_REGS
el2_sysregs_context_restore_nv2(el2_sysregs_ctx);
#endif
-#if ENABLE_TRF_FOR_NS
- el2_sysregs_context_restore_trf(el2_sysregs_ctx);
-#endif
+ if (is_feat_trf_supported()) {
+ write_trfcr_el2(read_ctx_reg(el2_sysregs_ctx, CTX_TRFCR_EL2));
+ }
#if ENABLE_FEAT_CSV2_2
el2_sysregs_context_restore_csv2(el2_sysregs_ctx);
#endif
diff --git a/lib/extensions/brbe/brbe.c b/lib/extensions/brbe/brbe.c
index 1982619..329cf98 100644
--- a/lib/extensions/brbe/brbe.c
+++ b/lib/extensions/brbe/brbe.c
@@ -12,16 +12,14 @@
{
uint64_t val;
- if (is_feat_brbe_present()) {
- /*
- * MDCR_EL3.SBRBE = 0b01
- *
- * Allows BRBE usage in non-secure world and prohibited in
- * secure world.
- */
- val = read_mdcr_el3();
- val &= ~(MDCR_SBRBE_MASK << MDCR_SBRBE_SHIFT);
- val |= (0x1UL << MDCR_SBRBE_SHIFT);
- write_mdcr_el3(val);
- }
+ /*
+ * MDCR_EL3.SBRBE = 0b01
+ *
+ * Allows BRBE usage in non-secure world and prohibited in
+ * secure world.
+ */
+ val = read_mdcr_el3();
+ val &= ~(MDCR_SBRBE_MASK << MDCR_SBRBE_SHIFT);
+ val |= (0x1UL << MDCR_SBRBE_SHIFT);
+ write_mdcr_el3(val);
}
diff --git a/lib/extensions/trbe/trbe.c b/lib/extensions/trbe/trbe.c
index b346387..fa139ca 100644
--- a/lib/extensions/trbe/trbe.c
+++ b/lib/extensions/trbe/trbe.c
@@ -23,22 +23,20 @@
{
uint64_t val;
- if (is_feat_trbe_present()) {
- /*
- * MDCR_EL3.NSTB = 0b11
- * Allow access of trace buffer control registers from NS-EL1
- * and NS-EL2, tracing is prohibited in Secure and Realm state
- * (if implemented).
- */
- val = read_mdcr_el3();
- val |= MDCR_NSTB(MDCR_NSTB_EL1);
- write_mdcr_el3(val);
- }
+ /*
+ * MDCR_EL3.NSTB = 0b11
+ * Allow access of trace buffer control registers from NS-EL1
+ * and NS-EL2, tracing is prohibited in Secure and Realm state
+ * (if implemented).
+ */
+ val = read_mdcr_el3();
+ val |= MDCR_NSTB(MDCR_NSTB_EL1);
+ write_mdcr_el3(val);
}
static void *trbe_drain_trace_buffers_hook(const void *arg __unused)
{
- if (is_feat_trbe_present()) {
+ if (is_feat_trbe_supported()) {
/*
* Before switching from normal world to secure world
* the trace buffers need to be drained out to memory. This is
diff --git a/lib/extensions/trf/aarch32/trf.c b/lib/extensions/trf/aarch32/trf.c
index 834092d..0c63efa 100644
--- a/lib/extensions/trf/aarch32/trf.c
+++ b/lib/extensions/trf/aarch32/trf.c
@@ -10,26 +10,15 @@
#include <arch_helpers.h>
#include <lib/extensions/trf.h>
-static bool trf_supported(void)
-{
- uint32_t features;
-
- features = read_id_dfr0() >> ID_DFR0_TRACEFILT_SHIFT;
- return ((features & ID_DFR0_TRACEFILT_MASK) ==
- ID_DFR0_TRACEFILT_SUPPORTED);
-}
-
void trf_enable(void)
{
uint32_t val;
- if (trf_supported()) {
- /*
- * Allow access of trace filter control registers from
- * non-monitor mode
- */
- val = read_sdcr();
- val &= ~SDCR_TTRF_BIT;
- write_sdcr(val);
- }
+ /*
+ * Allow access of trace filter control registers from
+ * non-monitor mode
+ */
+ val = read_sdcr();
+ val &= ~SDCR_TTRF_BIT;
+ write_sdcr(val);
}
diff --git a/lib/extensions/trf/aarch64/trf.c b/lib/extensions/trf/aarch64/trf.c
index 1da5dce..941692b 100644
--- a/lib/extensions/trf/aarch64/trf.c
+++ b/lib/extensions/trf/aarch64/trf.c
@@ -4,33 +4,21 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <stdbool.h>
-
#include <arch.h>
+#include <arch_features.h>
#include <arch_helpers.h>
#include <lib/extensions/trf.h>
-static bool trf_supported(void)
-{
- uint64_t features;
-
- features = read_id_aa64dfr0_el1() >> ID_AA64DFR0_TRACEFILT_SHIFT;
- return ((features & ID_AA64DFR0_TRACEFILT_MASK) ==
- ID_AA64DFR0_TRACEFILT_SUPPORTED);
-}
-
void trf_enable(void)
{
uint64_t val;
- if (trf_supported()) {
- /*
- * MDCR_EL3.TTRF = b0
- * Allow access of trace filter control registers from NS-EL2
- * and NS-EL1 when NS-EL2 is implemented but not used
- */
- val = read_mdcr_el3();
- val &= ~MDCR_TTRF_BIT;
- write_mdcr_el3(val);
- }
+ /*
+ * MDCR_EL3.TTRF = b0
+ * Allow access of trace filter control registers from NS-EL2
+ * and NS-EL1 when NS-EL2 is implemented but not used
+ */
+ val = read_mdcr_el3();
+ val &= ~MDCR_TTRF_BIT;
+ write_mdcr_el3(val);
}
diff --git a/lib/fconf/fconf_cot_getter.c b/lib/fconf/fconf_cot_getter.c
index ae59d8c..1033018 100644
--- a/lib/fconf/fconf_cot_getter.c
+++ b/lib/fconf/fconf_cot_getter.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,8 +7,10 @@
#include <assert.h>
#include <stddef.h>
+#include <mbedtls/version.h>
+
#include <common/fdt_wrappers.h>
-#include MBEDTLS_CONFIG_FILE
+#include <common/tbbr/cot_def.h>
#include <drivers/auth/auth_mod.h>
#include <lib/fconf/fconf.h>
#include <lib/object_pool.h>
diff --git a/lib/pmf/pmf_main.c b/lib/pmf/pmf_main.c
index 131a055..ce2f0d9 100644
--- a/lib/pmf/pmf_main.c
+++ b/lib/pmf/pmf_main.c
@@ -17,7 +17,7 @@
/*******************************************************************************
* The 'pmf_svc_descs' array holds the PMF service descriptors exported by
- * services by placing them in the 'pmf_svc_descs' linker section.
+ * services by placing them in the '.pmf_svc_descs' linker section.
* The 'pmf_svc_descs_indices' array holds the index of a descriptor in the
* 'pmf_svc_descs' array. The TIF[15:10] bits in the time-stamp id are used
* to get an index into the 'pmf_svc_descs_indices' array. This gives the
diff --git a/lib/psci/psci_common.c b/lib/psci/psci_common.c
index 8d736cc..f233be1 100644
--- a/lib/psci/psci_common.c
+++ b/lib/psci/psci_common.c
@@ -55,7 +55,7 @@
******************************************************************************/
non_cpu_pd_node_t psci_non_cpu_pd_nodes[PSCI_NUM_NON_CPU_PWR_DOMAINS]
#if USE_COHERENT_MEM
-__section("tzfw_coherent_mem")
+__section(".tzfw_coherent_mem")
#endif
;
diff --git a/lib/xlat_tables/aarch32/nonlpae_tables.c b/lib/xlat_tables/aarch32/nonlpae_tables.c
index 7cd509d..1e207a4 100644
--- a/lib/xlat_tables/aarch32/nonlpae_tables.c
+++ b/lib/xlat_tables/aarch32/nonlpae_tables.c
@@ -138,10 +138,10 @@
static uintptr_t xlat_max_va;
static uint32_t mmu_l1_base[NUM_1MB_IN_4GB]
- __aligned(MMU32B_L1_TABLE_ALIGN) __attribute__((section("xlat_table")));
+ __aligned(MMU32B_L1_TABLE_ALIGN) __attribute__((section(".xlat_table")));
static uint32_t mmu_l2_base[MAX_XLAT_TABLES][NUM_4K_IN_1MB]
- __aligned(MMU32B_L2_TABLE_ALIGN) __attribute__((section("xlat_table")));
+ __aligned(MMU32B_L2_TABLE_ALIGN) __attribute__((section(".xlat_table")));
/*
* Array of all memory regions stored in order of ascending base address.
diff --git a/lib/xlat_tables/xlat_tables_common.c b/lib/xlat_tables/xlat_tables_common.c
index 23fe3f0..71273cb 100644
--- a/lib/xlat_tables/xlat_tables_common.c
+++ b/lib/xlat_tables/xlat_tables_common.c
@@ -39,7 +39,7 @@
#define MT_UNKNOWN ~0U
static uint64_t xlat_tables[MAX_XLAT_TABLES][XLAT_TABLE_ENTRIES]
- __aligned(XLAT_TABLE_SIZE) __section("xlat_table");
+ __aligned(XLAT_TABLE_SIZE) __section(".xlat_table");
static unsigned int next_xlat;
static unsigned long long xlat_max_pa;
diff --git a/make_helpers/build_macros.mk b/make_helpers/build_macros.mk
index a6b1d52..4815efa 100644
--- a/make_helpers/build_macros.mk
+++ b/make_helpers/build_macros.mk
@@ -274,10 +274,11 @@
define MAKE_C_LIB
$(eval OBJ := $(1)/$(patsubst %.c,%.o,$(notdir $(2))))
$(eval DEP := $(patsubst %.o,%.d,$(OBJ)))
+$(eval LIB := $(call uppercase, $(notdir $(1))))
$(OBJ): $(2) $(filter-out %.d,$(MAKEFILE_LIST)) | lib$(3)_dirs
$$(ECHO) " CC $$<"
- $$(Q)$$(CC) $$(TF_CFLAGS) $$(CFLAGS) $(MAKE_DEP) -c $$< -o $$@
+ $$(Q)$$(CC) $$($(LIB)_CFLAGS) $$(TF_CFLAGS) $$(CFLAGS) $(MAKE_DEP) -c $$< -o $$@
-include $(DEP)
diff --git a/plat/arm/board/arm_fpga/build_axf.ld.S b/plat/arm/board/arm_fpga/build_axf.ld.S
index d8254e5..bd3d163 100644
--- a/plat/arm/board/arm_fpga/build_axf.ld.S
+++ b/plat/arm/board/arm_fpga/build_axf.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020, ARM Limited. All rights reserved.
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -46,7 +46,7 @@
KEEP(*(.kern_tramp))
}
- /DISCARD/ : { *(stacks) }
+ /DISCARD/ : { *(.stacks) }
/DISCARD/ : { *(.debug_*) }
/DISCARD/ : { *(.note*) }
/DISCARD/ : { *(.comment*) }
diff --git a/plat/arm/board/fvp/fvp_el3_spmc.c b/plat/arm/board/fvp/fvp_el3_spmc.c
index 2b347ed..6b44f63 100644
--- a/plat/arm/board/fvp/fvp_el3_spmc.c
+++ b/plat/arm/board/fvp/fvp_el3_spmc.c
@@ -18,7 +18,7 @@
#define PLAT_SPMC_SHMEM_DATASTORE_SIZE 512 * 1024
-__section("arm_el3_tzc_dram") static uint8_t
+__section(".arm_el3_tzc_dram") static uint8_t
plat_spmc_shmem_datastore[PLAT_SPMC_SHMEM_DATASTORE_SIZE];
int plat_spmc_shmem_datastore_get(uint8_t **datastore, size_t *size)
diff --git a/plat/arm/board/fvp/fvp_plat_attest_token.c b/plat/arm/board/fvp/fvp_plat_attest_token.c
index 4dd37a4..dda2156 100644
--- a/plat/arm/board/fvp/fvp_plat_attest_token.c
+++ b/plat/arm/board/fvp/fvp_plat_attest_token.c
@@ -10,88 +10,90 @@
/* Using hardcoded token values for AEM FVP */
static uint8_t platform_token[] = {
- 0xD2, 0x84, 0x40, 0xA0, 0x59, 0x02, 0x46, 0xA9,
- 0x19, 0x01, 0x09, 0x78, 0x1C, 0x68, 0x74, 0x74,
- 0x70, 0x3A, 0x2F, 0x2F, 0x61, 0x72, 0x6D, 0x2E,
- 0x63, 0x6F, 0x6D, 0x2F, 0x43, 0x43, 0x41, 0x2D,
- 0x53, 0x53, 0x44, 0x2F, 0x31, 0x2E, 0x30, 0x2E,
- 0x30, 0x0A, 0x58, 0x20, 0x07, 0x06, 0x05, 0x04,
- 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D, 0x0C,
- 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15, 0x14,
- 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D, 0x1C,
- 0x1B, 0x1A, 0x19, 0x18, 0x19, 0x09, 0x5C, 0x58,
- 0x40, 0x7F, 0x45, 0x4C, 0x46, 0x02, 0x01, 0x01,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x03, 0x00, 0x3E, 0x00, 0x01, 0x00, 0x00,
- 0x00, 0x50, 0x58, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0xA0, 0x03, 0x02, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00, 0x38,
- 0x00, 0x09, 0x00, 0x40, 0x00, 0x1C, 0x00, 0x1B,
- 0x00, 0x19, 0x01, 0x00, 0x58, 0x21, 0x01, 0x07,
- 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F,
- 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17,
- 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F,
- 0x1E, 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x19,
- 0x09, 0x61, 0x58, 0x21, 0x01, 0x07, 0x06, 0x05,
- 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D,
- 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15,
- 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D,
- 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x19, 0x09, 0x5B,
- 0x19, 0x30, 0x03, 0x19, 0x09, 0x62, 0x67, 0x73,
- 0x68, 0x61, 0x2D, 0x32, 0x35, 0x36, 0x19, 0x09,
- 0x5F, 0x84, 0xA5, 0x01, 0x62, 0x42, 0x4C, 0x05,
- 0x58, 0x20, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02,
- 0x01, 0x00, 0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A,
- 0x09, 0x08, 0x17, 0x16, 0x15, 0x14, 0x13, 0x12,
- 0x11, 0x10, 0x1F, 0x1E, 0x1D, 0x1C, 0x1B, 0x1A,
- 0x19, 0x18, 0x04, 0x65, 0x33, 0x2E, 0x34, 0x2E,
- 0x32, 0x02, 0x58, 0x20, 0x07, 0x06, 0x05, 0x04,
- 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D, 0x0C,
- 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15, 0x14,
- 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D, 0x1C,
- 0x1B, 0x1A, 0x19, 0x18, 0x06, 0x67, 0x73, 0x68,
- 0x61, 0x2D, 0x32, 0x35, 0x36, 0xA4, 0x01, 0x62,
- 0x4D, 0x31, 0x05, 0x58, 0x20, 0x07, 0x06, 0x05,
- 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D,
- 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15,
- 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D,
- 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x04, 0x63, 0x31,
- 0x2E, 0x32, 0x02, 0x58, 0x20, 0x07, 0x06, 0x05,
- 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D,
- 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15,
- 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D,
- 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0xA4, 0x01, 0x62,
- 0x4D, 0x32, 0x05, 0x58, 0x20, 0x07, 0x06, 0x05,
- 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D,
- 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15,
- 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D,
- 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x04, 0x65, 0x31,
- 0x2E, 0x32, 0x2E, 0x33, 0x02, 0x58, 0x20, 0x07,
- 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F,
- 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17,
- 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F,
- 0x1E, 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0xA4,
- 0x01, 0x62, 0x4D, 0x33, 0x05, 0x58, 0x20, 0x07,
- 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F,
- 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17,
- 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F,
- 0x1E, 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x04,
- 0x61, 0x31, 0x02, 0x58, 0x20, 0x07, 0x06, 0x05,
- 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D,
- 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15,
- 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D,
- 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x19, 0x09, 0x60,
- 0x6C, 0x77, 0x68, 0x61, 0x74, 0x65, 0x76, 0x65,
- 0x72, 0x2E, 0x63, 0x6F, 0x6D, 0x58, 0x40, 0x84,
- 0x32, 0x12, 0x5B, 0x92, 0x6B, 0x20, 0xD8, 0x14,
- 0xC1, 0xC1, 0x8C, 0x3C, 0x73, 0xB8, 0x29, 0x0F,
- 0x42, 0xBC, 0x0B, 0x25, 0x87, 0x5C, 0x4F, 0xA4,
- 0xFA, 0xD9, 0xDE, 0xC1, 0x2B, 0x20, 0xED, 0xDF,
- 0x1C, 0xDD, 0x1A, 0x09, 0xBD, 0xA0, 0x25, 0x48,
- 0xC6, 0xBB, 0x99, 0xA1, 0x30, 0x4F, 0x2C, 0xDC,
- 0x89, 0xE8, 0xB7, 0xFF, 0x32, 0xE9, 0x3F, 0xBB,
- 0xC6, 0xBF, 0x9D, 0x38, 0x68, 0xE1, 0xB2,
+ 0xD2, 0x84, 0x44, 0xA1, 0x01, 0x38, 0x22, 0xA0,
+ 0x59, 0x02, 0x33, 0xA9, 0x19, 0x01, 0x09, 0x78,
+ 0x1C, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F,
+ 0x61, 0x72, 0x6D, 0x2E, 0x63, 0x6F, 0x6D, 0x2F,
+ 0x43, 0x43, 0x41, 0x2D, 0x53, 0x53, 0x44, 0x2F,
+ 0x31, 0x2E, 0x30, 0x2E, 0x30, 0x0A, 0x58, 0x20,
+ 0xB5, 0x97, 0x3C, 0xB6, 0x8B, 0xAA, 0x9F, 0xC5,
+ 0x55, 0x58, 0x78, 0x6B, 0x7E, 0xC6, 0x7F, 0x69,
+ 0xE4, 0x0D, 0xF5, 0xBA, 0x5A, 0xA9, 0x21, 0xCD,
+ 0x0C, 0x27, 0xF4, 0x05, 0x87, 0xA0, 0x11, 0xEA,
+ 0x19, 0x09, 0x5C, 0x58, 0x20, 0x7F, 0x45, 0x4C,
+ 0x46, 0x02, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x3E,
+ 0x00, 0x01, 0x00, 0x00, 0x00, 0x50, 0x58, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x19, 0x01, 0x00,
+ 0x58, 0x21, 0x01, 0x07, 0x06, 0x05, 0x04, 0x03,
+ 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D, 0x0C, 0x0B,
+ 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15, 0x14, 0x13,
+ 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D, 0x1C, 0x1B,
+ 0x1A, 0x19, 0x18, 0x19, 0x09, 0x61, 0x58, 0x21,
+ 0x01, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01,
+ 0x00, 0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09,
+ 0x08, 0x17, 0x16, 0x15, 0x14, 0x13, 0x12, 0x11,
+ 0x10, 0x1F, 0x1E, 0x1D, 0x1C, 0x1B, 0x1A, 0x19,
+ 0x18, 0x19, 0x09, 0x5B, 0x19, 0x30, 0x03, 0x19,
+ 0x09, 0x62, 0x67, 0x73, 0x68, 0x61, 0x2D, 0x32,
+ 0x35, 0x36, 0x19, 0x09, 0x5F, 0x84, 0xA5, 0x01,
+ 0x62, 0x42, 0x4C, 0x05, 0x58, 0x20, 0x07, 0x06,
+ 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E,
+ 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16,
+ 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E,
+ 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x04, 0x65,
+ 0x33, 0x2E, 0x34, 0x2E, 0x32, 0x02, 0x58, 0x20,
+ 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
+ 0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08,
+ 0x17, 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x10,
+ 0x1F, 0x1E, 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18,
+ 0x06, 0x74, 0x54, 0x46, 0x2D, 0x4D, 0x5F, 0x53,
+ 0x48, 0x41, 0x32, 0x35, 0x36, 0x4D, 0x65, 0x6D,
+ 0x50, 0x72, 0x65, 0x58, 0x49, 0x50, 0xA4, 0x01,
+ 0x62, 0x4D, 0x31, 0x05, 0x58, 0x20, 0x07, 0x06,
+ 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E,
+ 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16,
+ 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E,
+ 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x04, 0x63,
+ 0x31, 0x2E, 0x32, 0x02, 0x58, 0x20, 0x07, 0x06,
+ 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E,
+ 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16,
+ 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E,
+ 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0xA4, 0x01,
+ 0x62, 0x4D, 0x32, 0x05, 0x58, 0x20, 0x07, 0x06,
+ 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E,
+ 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16,
+ 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E,
+ 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x04, 0x65,
+ 0x31, 0x2E, 0x32, 0x2E, 0x33, 0x02, 0x58, 0x20,
+ 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
+ 0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08,
+ 0x17, 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x10,
+ 0x1F, 0x1E, 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18,
+ 0xA4, 0x01, 0x62, 0x4D, 0x33, 0x05, 0x58, 0x20,
+ 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
+ 0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08,
+ 0x17, 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x10,
+ 0x1F, 0x1E, 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18,
+ 0x04, 0x61, 0x31, 0x02, 0x58, 0x20, 0x07, 0x06,
+ 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E,
+ 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16,
+ 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E,
+ 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x19, 0x09,
+ 0x60, 0x6C, 0x77, 0x68, 0x61, 0x74, 0x65, 0x76,
+ 0x65, 0x72, 0x2E, 0x63, 0x6F, 0x6D, 0x58, 0x60,
+ 0xE6, 0xB6, 0x38, 0x4F, 0xAE, 0x3F, 0x6E, 0x67,
+ 0xF5, 0xD4, 0x97, 0x4B, 0x3F, 0xFD, 0x0A, 0xFA,
+ 0x1D, 0xF0, 0x2F, 0x73, 0xB8, 0xFF, 0x5F, 0x02,
+ 0xC0, 0x0F, 0x40, 0xAC, 0xF3, 0xA2, 0x9D, 0xB5,
+ 0x31, 0x50, 0x16, 0x4F, 0xFA, 0x34, 0x3D, 0x0E,
+ 0xAF, 0xE0, 0xD0, 0xD1, 0x6C, 0xF0, 0x9D, 0xC1,
+ 0x01, 0x42, 0xA2, 0x3C, 0xCE, 0xD4, 0x4A, 0x59,
+ 0xDC, 0x29, 0x0A, 0x30, 0x93, 0x5F, 0xB4, 0x98,
+ 0x61, 0xBA, 0xE3, 0x91, 0x22, 0x95, 0x24, 0xF4,
+ 0xAE, 0x47, 0x93, 0xD3, 0x84, 0xA3, 0x76, 0xD0,
+ 0xC1, 0x26, 0x96, 0x53, 0xA3, 0x60, 0x3F, 0x6C,
+ 0x75, 0x96, 0x90, 0x6A, 0xF9, 0x4E, 0xDA, 0x30
};
int plat_rmmd_get_cca_attest_token(uintptr_t buf, size_t *len,
diff --git a/plat/arm/board/fvp/include/platform_def.h b/plat/arm/board/fvp/include/platform_def.h
index 1ef6c87..52146a3 100644
--- a/plat/arm/board/fvp/include/platform_def.h
+++ b/plat/arm/board/fvp/include/platform_def.h
@@ -16,6 +16,10 @@
#include "../fvp_def.h"
+#if TRUSTED_BOARD_BOOT
+#include MBEDTLS_CONFIG_FILE
+#endif
+
/* Required platform porting definitions */
#define PLATFORM_CORE_COUNT (U(FVP_CLUSTER_COUNT) * \
U(FVP_MAX_CPUS_PER_CLUSTER) * \
@@ -171,7 +175,11 @@
* PLAT_ARM_MAX_BL1_RW_SIZE is calculated using the current BL1 RW debug size
* plus a little space for growth.
*/
+#if TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA
+#define PLAT_ARM_MAX_BL1_RW_SIZE UL(0xC000)
+#else
#define PLAT_ARM_MAX_BL1_RW_SIZE UL(0xB000)
+#endif
/*
* PLAT_ARM_MAX_ROMLIB_RW_SIZE is define to use a full page
@@ -191,10 +199,12 @@
* PLAT_ARM_MAX_BL2_SIZE is calculated using the current BL2 debug size plus a
* little space for growth.
*/
-#if TRUSTED_BOARD_BOOT && COT_DESC_IN_DTB
+#if CRYPTO_SUPPORT
+#if (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA) || COT_DESC_IN_DTB
# define PLAT_ARM_MAX_BL2_SIZE (UL(0x1E000) - FVP_BL2_ROMLIB_OPTIMIZATION)
-#elif CRYPTO_SUPPORT
+#else
# define PLAT_ARM_MAX_BL2_SIZE (UL(0x1D000) - FVP_BL2_ROMLIB_OPTIMIZATION)
+#endif
#elif ARM_BL31_IN_DRAM
/* When ARM_BL31_IN_DRAM is set, BL2 can use almost all of Trusted SRAM. */
# define PLAT_ARM_MAX_BL2_SIZE (UL(0x1F000) - FVP_BL2_ROMLIB_OPTIMIZATION)
diff --git a/plat/arm/board/fvp/platform.mk b/plat/arm/board/fvp/platform.mk
index efbf68f..9b09a6b 100644
--- a/plat/arm/board/fvp/platform.mk
+++ b/plat/arm/board/fvp/platform.mk
@@ -446,14 +446,14 @@
endif
# enable trace buffer control registers access to NS by default
-ENABLE_TRBE_FOR_NS := 1
+ENABLE_TRBE_FOR_NS := 2
# enable branch record buffer control registers access in NS by default
# only enable for aarch64
# do not enable when ENABLE_RME=1
ifeq (${ARCH}, aarch64)
ifeq (${ENABLE_RME},0)
- ENABLE_BRBE_FOR_NS := 1
+ ENABLE_BRBE_FOR_NS := 2
endif
endif
@@ -461,7 +461,7 @@
ENABLE_SYS_REG_TRACE_FOR_NS := 1
# enable trace filter control registers access to NS by default
-ENABLE_TRF_FOR_NS := 1
+ENABLE_TRF_FOR_NS := 2
# Linux relies on EL3 enablement if those features are present
ENABLE_FEAT_FGT := 2
diff --git a/plat/arm/board/fvp_r/fvp_r_debug.S b/plat/arm/board/fvp_r/fvp_r_debug.S
index 88f0a29..cc5ffc0 100644
--- a/plat/arm/board/fvp_r/fvp_r_debug.S
+++ b/plat/arm/board/fvp_r/fvp_r_debug.S
@@ -11,7 +11,7 @@
.globl el2_panic
/***********************************************************
- * The common implementation of do_panic for all BL stages
+ * The common implementation of el3_panic for all BL stages
***********************************************************/
.section .rodata.panic_str, "aS"
diff --git a/plat/arm/common/aarch64/arm_helpers.S b/plat/arm/common/aarch64/arm_helpers.S
index b470781..ed85ea1 100644
--- a/plat/arm/common/aarch64/arm_helpers.S
+++ b/plat/arm/common/aarch64/arm_helpers.S
@@ -129,7 +129,7 @@
* Single cpu stack in coherent memory.
* ----------------------------------------------------
*/
-declare_stack platform_coherent_stacks, tzfw_coherent_mem, \
+declare_stack platform_coherent_stacks, .tzfw_coherent_mem, \
PLATFORM_STACK_SIZE, 1, CACHE_WRITEBACK_GRANULE
#endif /* defined(IMAGE_BL1) || defined(IMAGE_BL2) */
diff --git a/plat/arm/common/arm_dyn_cfg.c b/plat/arm/common/arm_dyn_cfg.c
index c88621e..067109b 100644
--- a/plat/arm/common/arm_dyn_cfg.c
+++ b/plat/arm/common/arm_dyn_cfg.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,20 +8,20 @@
#include <string.h>
#include <libfdt.h>
-#include <platform_def.h>
+#if CRYPTO_SUPPORT
+#include <mbedtls/version.h>
+#endif /* CRYPTO_SUPPORT */
#include <common/debug.h>
#include <common/desc_image_load.h>
#include <common/tbbr/tbbr_img_def.h>
-#if CRYPTO_SUPPORT
-#include MBEDTLS_CONFIG_FILE
-#endif /* CRYPTO_SUPPORT */
#include <lib/fconf/fconf.h>
#include <lib/fconf/fconf_dyn_cfg_getter.h>
#include <lib/fconf/fconf_tbbr_getter.h>
#include <plat/arm/common/arm_dyn_cfg_helpers.h>
#include <plat/arm/common/plat_arm.h>
+#include <platform_def.h>
#if CRYPTO_SUPPORT
diff --git a/plat/arm/common/arm_gicv3.c b/plat/arm/common/arm_gicv3.c
index 469e22a..1c95afb 100644
--- a/plat/arm/common/arm_gicv3.c
+++ b/plat/arm/common/arm_gicv3.c
@@ -48,8 +48,8 @@
* data in the designated EL3 Secure carve-out memory. The `used` attribute
* is used to prevent the compiler from removing the gicv3 contexts.
*/
-static gicv3_redist_ctx_t rdist_ctx __section("arm_el3_tzc_dram") __used;
-static gicv3_dist_ctx_t dist_ctx __section("arm_el3_tzc_dram") __used;
+static gicv3_redist_ctx_t rdist_ctx __section(".arm_el3_tzc_dram") __used;
+static gicv3_dist_ctx_t dist_ctx __section(".arm_el3_tzc_dram") __used;
/* Define accessor function to get reference to the GICv3 context */
DEFINE_LOAD_SYM_ADDR(rdist_ctx)
diff --git a/plat/common/aarch32/platform_mp_stack.S b/plat/common/aarch32/platform_mp_stack.S
index 6c3d08d..314e87a 100644
--- a/plat/common/aarch32/platform_mp_stack.S
+++ b/plat/common/aarch32/platform_mp_stack.S
@@ -43,5 +43,5 @@
* stack of PLATFORM_STACK_SIZE bytes.
* -----------------------------------------------------
*/
-declare_stack platform_normal_stacks, tzfw_normal_stacks, \
+declare_stack platform_normal_stacks, .tzfw_normal_stacks, \
PLATFORM_STACK_SIZE, PLATFORM_CORE_COUNT
diff --git a/plat/common/aarch32/platform_up_stack.S b/plat/common/aarch32/platform_up_stack.S
index 836c13a..69e112f 100644
--- a/plat/common/aarch32/platform_up_stack.S
+++ b/plat/common/aarch32/platform_up_stack.S
@@ -43,5 +43,5 @@
* stack of PLATFORM_STACK_SIZE bytes.
* -----------------------------------------------------
*/
-declare_stack platform_normal_stacks, tzfw_normal_stacks, \
+declare_stack platform_normal_stacks, .tzfw_normal_stacks, \
PLATFORM_STACK_SIZE, 1, CACHE_WRITEBACK_GRANULE
diff --git a/plat/common/aarch64/plat_common.c b/plat/common/aarch64/plat_common.c
index 8ce1d6c..042916a 100644
--- a/plat/common/aarch64/plat_common.c
+++ b/plat/common/aarch64/plat_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -77,7 +77,7 @@
return "EL1";
}
-/* RAS functions common to AArch64 ARM platforms */
+/* Handler for External Aborts from lower EL including RAS errors */
void plat_default_ea_handler(unsigned int ea_reason, uint64_t syndrome, void *cookie,
void *handle, uint64_t flags)
{
@@ -93,12 +93,9 @@
ERROR("Unhandled External Abort received on 0x%lx from %s\n",
read_mpidr_el1(), get_el_str(level));
ERROR("exception reason=%u syndrome=0x%" PRIx64 "\n", ea_reason, syndrome);
-#if HANDLE_EA_EL3_FIRST_NS
- /* Skip backtrace for lower EL */
- if (level != MODE_EL3) {
- console_flush();
- do_panic();
- }
-#endif
- panic();
+
+ /* We reached here due to a panic from a lower EL and assuming this is the default
+ * platform registered handler that we could call on a lower EL panic.
+ */
+ lower_el_panic();
}
diff --git a/plat/common/aarch64/platform_mp_stack.S b/plat/common/aarch64/platform_mp_stack.S
index c0668ea..fa1ca22 100644
--- a/plat/common/aarch64/platform_mp_stack.S
+++ b/plat/common/aarch64/platform_mp_stack.S
@@ -56,6 +56,6 @@
* stack of PLATFORM_STACK_SIZE bytes.
* -----------------------------------------------------
*/
-declare_stack platform_normal_stacks, tzfw_normal_stacks, \
+declare_stack platform_normal_stacks, .tzfw_normal_stacks, \
PLATFORM_STACK_SIZE, PLATFORM_CORE_COUNT, \
CACHE_WRITEBACK_GRANULE
diff --git a/plat/common/aarch64/platform_up_stack.S b/plat/common/aarch64/platform_up_stack.S
index c6e5e2d..2c87219 100644
--- a/plat/common/aarch64/platform_up_stack.S
+++ b/plat/common/aarch64/platform_up_stack.S
@@ -46,5 +46,5 @@
* are allocated
* -----------------------------------------------------
*/
-declare_stack platform_normal_stacks, tzfw_normal_stacks, \
+declare_stack platform_normal_stacks, .tzfw_normal_stacks, \
PLATFORM_STACK_SIZE, 1, CACHE_WRITEBACK_GRANULE
diff --git a/plat/hisilicon/hikey960/hikey960_bl31_setup.c b/plat/hisilicon/hikey960/hikey960_bl31_setup.c
index 0debe1e..50751ee 100644
--- a/plat/hisilicon/hikey960/hikey960_bl31_setup.c
+++ b/plat/hisilicon/hikey960/hikey960_bl31_setup.c
@@ -183,7 +183,7 @@
#define SPMC_SHARED_MEMORY_OBJ_SIZE (512 * 1024)
-__section("ram2_region") uint8_t plat_spmc_shmem_datastore[SPMC_SHARED_MEMORY_OBJ_SIZE];
+__section(".ram2_region") uint8_t plat_spmc_shmem_datastore[SPMC_SHARED_MEMORY_OBJ_SIZE];
int plat_spmc_shmem_datastore_get(uint8_t **datastore, size_t *size)
{
diff --git a/plat/hisilicon/hikey960/include/plat.ld.S b/plat/hisilicon/hikey960/include/plat.ld.S
index 0cc25cd..f8bd376 100644
--- a/plat/hisilicon/hikey960/include/plat.ld.S
+++ b/plat/hisilicon/hikey960/include/plat.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2022-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,8 +14,8 @@
SECTIONS
{
- ram2_region (NOLOAD) : {
- *(ram2_region)
+ .ram2_region (NOLOAD) : {
+ *(.ram2_region)
}>RAM2
}
diff --git a/plat/imx/common/sci/svc/pm/pm_rpc_clnt.c b/plat/imx/common/sci/svc/pm/pm_rpc_clnt.c
index 66a57a1..228cff8 100644
--- a/plat/imx/common/sci/svc/pm/pm_rpc_clnt.c
+++ b/plat/imx/common/sci/svc/pm/pm_rpc_clnt.c
@@ -412,8 +412,6 @@
RPC_SIZE(&msg) = 2U;
sc_call_rpc(ipc, &msg, SC_TRUE);
-
- return;
}
sc_err_t sc_pm_reboot_partition(sc_ipc_t ipc, sc_rm_pt_t pt,
diff --git a/plat/imx/common/sci/svc/rm/rm_rpc_clnt.c b/plat/imx/common/sci/svc/rm/rm_rpc_clnt.c
index 16771a5..2cea01f 100644
--- a/plat/imx/common/sci/svc/rm/rm_rpc_clnt.c
+++ b/plat/imx/common/sci/svc/rm/rm_rpc_clnt.c
@@ -632,8 +632,6 @@
RPC_SIZE(&msg) = 1U;
sc_call_rpc(ipc, &msg, SC_FALSE);
-
- return;
}
/**@}*/
diff --git a/plat/marvell/armada/a8k/common/ble/ble.ld.S b/plat/marvell/armada/a8k/common/ble/ble.ld.S
index d7a0592..446849b 100644
--- a/plat/marvell/armada/a8k/common/ble/ble.ld.S
+++ b/plat/marvell/armada/a8k/common/ble/ble.ld.S
@@ -19,7 +19,7 @@
{
. = BLE_BASE;
- ro . : {
+ .ro . : {
__RO_START__ = .;
*ble_main.o(.entry*)
*(.text*)
@@ -40,9 +40,9 @@
__DATA_END__ = .;
} >RAM
- stacks . (NOLOAD) : {
+ .stacks . (NOLOAD) : {
__STACKS_START__ = .;
- *(tzfw_normal_stacks)
+ *(.tzfw_normal_stacks)
__STACKS_END__ = .;
} >RAM
diff --git a/plat/marvell/armada/common/marvell_gicv3.c b/plat/marvell/armada/common/marvell_gicv3.c
index 0bd5545..5419506 100644
--- a/plat/marvell/armada/common/marvell_gicv3.c
+++ b/plat/marvell/armada/common/marvell_gicv3.c
@@ -38,8 +38,8 @@
* We save and restore the GICv3 context on system suspend. Allocate the
* data in the designated EL3 Secure carve-out memory
*/
-static gicv3_redist_ctx_t rdist_ctx __section("arm_el3_tzc_dram");
-static gicv3_dist_ctx_t dist_ctx __section("arm_el3_tzc_dram");
+static gicv3_redist_ctx_t rdist_ctx __section(".arm_el3_tzc_dram");
+static gicv3_dist_ctx_t dist_ctx __section(".arm_el3_tzc_dram");
/*
* MPIDR hashing function for translating MPIDRs read from GICR_TYPER register
diff --git a/plat/mediatek/common/mtk_smc_handlers.c b/plat/mediatek/common/mtk_smc_handlers.c
index 92b3873..a8a5a48 100644
--- a/plat/mediatek/common/mtk_smc_handlers.c
+++ b/plat/mediatek/common/mtk_smc_handlers.c
@@ -72,7 +72,7 @@
}
#define SMC_ID_EXPAND_AS_DESCRIPTOR_INDEX(_smc_id, _smc_num) \
- short _smc_id##_descriptor_index __section("mtk_plat_ro") = -1;
+ short _smc_id##_descriptor_index __section(".mtk_plat_ro") = -1;
MTK_SIP_SMC_FROM_BL33_TABLE(SMC_ID_EXPAND_AS_DESCRIPTOR_INDEX);
MTK_SIP_SMC_FROM_NS_EL1_TABLE(SMC_ID_EXPAND_AS_DESCRIPTOR_INDEX);
diff --git a/plat/mediatek/include/plat.ld.rodata.inc b/plat/mediatek/include/plat.ld.rodata.inc
index 06ad491..e766472 100644
--- a/plat/mediatek/include/plat.ld.rodata.inc
+++ b/plat/mediatek/include/plat.ld.rodata.inc
@@ -25,6 +25,6 @@
__MTK_SMC_POOL_END_UNALIGNED__ = .;
. = ALIGN(8);
#include <vendor_pubsub_events.h>
- *(mtk_plat_ro)
+ *(.mtk_plat_ro)
#endif /* PLAT_LD_RODATA_INC */
diff --git a/plat/mediatek/mt8173/drivers/spm/spm.c b/plat/mediatek/mt8173/drivers/spm/spm.c
index 1caab3b..8980e07 100644
--- a/plat/mediatek/mt8173/drivers/spm/spm.c
+++ b/plat/mediatek/mt8173/drivers/spm/spm.c
@@ -29,9 +29,9 @@
DEFINE_BAKERY_LOCK(spm_lock);
-static int spm_hotplug_ready __section("tzfw_coherent_mem");
-static int spm_mcdi_ready __section("tzfw_coherent_mem");
-static int spm_suspend_ready __section("tzfw_coherent_mem");
+static int spm_hotplug_ready __section(".tzfw_coherent_mem");
+static int spm_mcdi_ready __section(".tzfw_coherent_mem");
+static int spm_suspend_ready __section(".tzfw_coherent_mem");
void spm_lock_init(void)
{
diff --git a/plat/mediatek/mt8186/drivers/mcdi/mt_mcdi.c b/plat/mediatek/mt8186/drivers/mcdi/mt_mcdi.c
index 0103612..efcf87f 100644
--- a/plat/mediatek/mt8186/drivers/mcdi/mt_mcdi.c
+++ b/plat/mediatek/mt8186/drivers/mcdi/mt_mcdi.c
@@ -62,7 +62,7 @@
#define MCDI_INIT_2 U(2)
#define MCDI_INIT_DONE U(3)
-static int mcdi_init_status __section("tzfw_coherent_mem");
+static int mcdi_init_status __section(".tzfw_coherent_mem");
static inline uint32_t mcdi_mbox_read(uint32_t id)
{
diff --git a/plat/mediatek/mt8192/drivers/mcdi/mt_mcdi.c b/plat/mediatek/mt8192/drivers/mcdi/mt_mcdi.c
index 1635b67..765c7b2 100644
--- a/plat/mediatek/mt8192/drivers/mcdi/mt_mcdi.c
+++ b/plat/mediatek/mt8192/drivers/mcdi/mt_mcdi.c
@@ -63,7 +63,7 @@
#define MCDI_INIT_2 2
#define MCDI_INIT_DONE 3
-static int mcdi_init_status __section("tzfw_coherent_mem");
+static int mcdi_init_status __section(".tzfw_coherent_mem");
static inline uint32_t mcdi_mbox_read(uint32_t id)
{
diff --git a/plat/mediatek/mt8195/drivers/mcdi/mt_mcdi.c b/plat/mediatek/mt8195/drivers/mcdi/mt_mcdi.c
index c14e83b..f7dfec3 100644
--- a/plat/mediatek/mt8195/drivers/mcdi/mt_mcdi.c
+++ b/plat/mediatek/mt8195/drivers/mcdi/mt_mcdi.c
@@ -63,7 +63,7 @@
#define MCDI_INIT_2 2
#define MCDI_INIT_DONE 3
-static int mcdi_init_status __section("tzfw_coherent_mem");
+static int mcdi_init_status __section(".tzfw_coherent_mem");
static inline uint32_t mcdi_mbox_read(uint32_t id)
{
diff --git a/plat/nvidia/tegra/platform.mk b/plat/nvidia/tegra/platform.mk
index 6ed1cdf..2365564 100644
--- a/plat/nvidia/tegra/platform.mk
+++ b/plat/nvidia/tegra/platform.mk
@@ -90,8 +90,8 @@
# o resolve undefined symbols to el3_panic
# o include only required sections
TF_LDFLAGS += --diag_suppress=L6314,L6332 --no_scanlib --callgraph
-TF_LDFLAGS += --keep="*(__pubsub*)" --keep="*(rt_svc_descs*)" --keep="*(*cpu_ops)"
+TF_LDFLAGS += --keep="*(.__pubsub*)" --keep="*(.rt_svc_descs*)" --keep="*(.cpu_ops)"
ifeq (${ENABLE_PMF},1)
-TF_LDFLAGS += --keep="*(*pmf_svc_descs*)"
+TF_LDFLAGS += --keep="*(.pmf_svc_descs*)"
endif
endif
diff --git a/plat/nvidia/tegra/scat/bl31.scat b/plat/nvidia/tegra/scat/bl31.scat
index 2d6d2b3..fdd6e33 100644
--- a/plat/nvidia/tegra/scat/bl31.scat
+++ b/plat/nvidia/tegra/scat/bl31.scat
@@ -48,14 +48,14 @@
/* Ensure 8-byte alignment for descriptors and ensure inclusion */
__RT_SVC_DESCS__ AlignExpr(ImageLimit(__RODATA__), 8) FIXED
{
- *(rt_svc_descs)
+ *(.rt_svc_descs)
}
#if ENABLE_PMF
/* Ensure 8-byte alignment for descriptors and ensure inclusion */
__PMF_SVC_DESCS__ AlignExpr(ImageLimit(__RT_SVC_DESCS__), 8) FIXED
{
- *(pmf_svc_descs)
+ *(.pmf_svc_descs)
}
#endif /* ENABLE_PMF */
@@ -65,7 +65,7 @@
*/
__CPU_OPS__ AlignExpr(+0, 8) FIXED
{
- *(cpu_ops)
+ *(.cpu_ops)
}
/*
@@ -150,7 +150,7 @@
{
__STACKS__ AlignExpr(+0, 64) FIXED
{
- *(tzfw_normal_stacks)
+ *(.tzfw_normal_stacks)
}
}
@@ -180,7 +180,7 @@
*/
__BAKERY_LOCKS__ AlignExpr(ImageLimit(__BSS__), CACHE_WRITEBACK_GRANULE) FIXED
{
- *(bakery_lock)
+ *(.bakery_lock)
}
__BAKERY_LOCKS_EPILOGUE__ AlignExpr(ImageLimit(__BAKERY_LOCKS__), CACHE_WRITEBACK_GRANULE) FIXED EMPTY 0
@@ -229,9 +229,9 @@
LR_XLAT_TABLE +0
{
- xlat_table +0 FIXED
+ .xlat_table +0 FIXED
{
- *(xlat_table)
+ *(.xlat_table)
}
}
@@ -251,8 +251,8 @@
*
* Each lock's data is contiguous and fully allocated by the compiler
*/
- *(bakery_lock)
- *(tzfw_coherent_mem)
+ *(.bakery_lock)
+ *(.tzfw_coherent_mem)
}
__COHERENT_RAM_EPILOGUE_UNALIGNED__ +0 FIXED EMPTY 0
diff --git a/plat/nvidia/tegra/soc/t194/plat_ras.c b/plat/nvidia/tegra/soc/t194/plat_ras.c
index 02f6158..a9fed0a 100644
--- a/plat/nvidia/tegra/soc/t194/plat_ras.c
+++ b/plat/nvidia/tegra/soc/t194/plat_ras.c
@@ -249,7 +249,6 @@
* of range.
*/
*cookie = 0ULL;
- return;
}
/* Function to probe an error from error record group. */
diff --git a/plat/qemu/qemu_sbsa/include/platform_def.h b/plat/qemu/qemu_sbsa/include/platform_def.h
index d971ebe..85fbb4d 100644
--- a/plat/qemu/qemu_sbsa/include/platform_def.h
+++ b/plat/qemu/qemu_sbsa/include/platform_def.h
@@ -364,8 +364,8 @@
* Name of the section to put the translation tables used by the S-EL1/S-EL0
* context of a Secure Partition.
*/
-#define PLAT_SP_IMAGE_XLAT_SECTION_NAME "qemu_sp_xlat_table"
-#define PLAT_SP_IMAGE_BASE_XLAT_SECTION_NAME "qemu_sp_xlat_table"
+#define PLAT_SP_IMAGE_XLAT_SECTION_NAME ".qemu_sp_xlat_table"
+#define PLAT_SP_IMAGE_BASE_XLAT_SECTION_NAME ".qemu_sp_xlat_table"
/* Cookies passed to the Secure Partition at boot. Not used by QEMU platforms.*/
#define PLAT_SPM_COOKIE_0 ULL(0)
diff --git a/plat/renesas/common/aarch64/plat_helpers.S b/plat/renesas/common/aarch64/plat_helpers.S
index 21c3bed..a7fdfa0 100644
--- a/plat/renesas/common/aarch64/plat_helpers.S
+++ b/plat/renesas/common/aarch64/plat_helpers.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2015-2021, Renesas Electronics Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
@@ -126,7 +126,7 @@
exit:
ret x9
_panic:
- b do_panic
+ b el3_panic
#endif
endfunc plat_get_my_entrypoint
diff --git a/plat/renesas/common/aarch64/platform_common.c b/plat/renesas/common/aarch64/platform_common.c
index b0a88cb..17ccb28 100644
--- a/plat/renesas/common/aarch64/platform_common.c
+++ b/plat/renesas/common/aarch64/platform_common.c
@@ -28,7 +28,7 @@
#endif
const uint8_t version_of_renesas[VERSION_OF_RENESAS_MAXLEN]
- __attribute__ ((__section__("ro"))) = VERSION_OF_RENESAS;
+ __attribute__ ((__section__(".ro"))) = VERSION_OF_RENESAS;
#define MAP_SHARED_RAM MAP_REGION_FLAT(RCAR_SHARED_MEM_BASE, \
RCAR_SHARED_MEM_SIZE, \
diff --git a/plat/rockchip/common/aarch32/plat_helpers.S b/plat/rockchip/common/aarch32/plat_helpers.S
index 475c297..9f49cbd 100644
--- a/plat/rockchip/common/aarch32/plat_helpers.S
+++ b/plat/rockchip/common/aarch32/plat_helpers.S
@@ -151,7 +151,7 @@
* Per-CPU Secure entry point - resume or power up
* --------------------------------------------------------------------
*/
- .section tzfw_coherent_mem, "a"
+ .section .tzfw_coherent_mem, "a"
.align 3
cpuson_entry_point:
.rept PLATFORM_CORE_COUNT
diff --git a/plat/rockchip/common/aarch64/plat_helpers.S b/plat/rockchip/common/aarch64/plat_helpers.S
index 4af052b..c4c0dec 100644
--- a/plat/rockchip/common/aarch64/plat_helpers.S
+++ b/plat/rockchip/common/aarch64/plat_helpers.S
@@ -150,7 +150,7 @@
* Per-CPU Secure entry point - resume or power up
* --------------------------------------------------------------------
*/
- .section tzfw_coherent_mem, "a"
+ .section .tzfw_coherent_mem, "a"
.align 3
cpuson_entry_point:
.rept PLATFORM_CORE_COUNT
diff --git a/plat/rockchip/px30/drivers/pmu/pmu.c b/plat/rockchip/px30/drivers/pmu/pmu.c
index 5f4e64f..8770b2e 100644
--- a/plat/rockchip/px30/drivers/pmu/pmu.c
+++ b/plat/rockchip/px30/drivers/pmu/pmu.c
@@ -45,7 +45,7 @@
static uint32_t cores_pd_cfg_info[PLATFORM_CORE_COUNT]
#if USE_COHERENT_MEM
-__attribute__ ((section("tzfw_coherent_mem")))
+__attribute__ ((section(".tzfw_coherent_mem")))
#endif
;
@@ -101,7 +101,7 @@
static struct px30_sleep_ddr_data ddr_data
#if USE_COHERENT_MEM
-__attribute__ ((section("tzfw_coherent_mem")))
+__attribute__ ((section(".tzfw_coherent_mem")))
#endif
;
diff --git a/plat/rockchip/rk3399/drivers/pmu/pmu.c b/plat/rockchip/rk3399/drivers/pmu/pmu.c
index 3084c4f..7bdefcc 100644
--- a/plat/rockchip/rk3399/drivers/pmu/pmu.c
+++ b/plat/rockchip/rk3399/drivers/pmu/pmu.c
@@ -64,7 +64,7 @@
static uint32_t core_pm_cfg_info[PLATFORM_CORE_COUNT]
#if USE_COHERENT_MEM
-__attribute__ ((section("tzfw_coherent_mem")))
+__attribute__ ((section(".tzfw_coherent_mem")))
#endif
;/* coheront */
diff --git a/plat/socionext/synquacer/include/plat.ld.S b/plat/socionext/synquacer/include/plat.ld.S
index af7a172..d02afa7 100644
--- a/plat/socionext/synquacer/include/plat.ld.S
+++ b/plat/socionext/synquacer/include/plat.ld.S
@@ -23,8 +23,8 @@
* not support inner shareable WBWA mappings so it is mapped normal
* non-cacheable)
*/
- sp_xlat_table (NOLOAD) : ALIGN(PAGE_SIZE) {
- *(sp_xlat_table)
+ .sp_xlat_table (NOLOAD) : ALIGN(PAGE_SIZE) {
+ *(.sp_xlat_table)
} >SP_DRAM
}
diff --git a/plat/socionext/synquacer/include/platform_def.h b/plat/socionext/synquacer/include/platform_def.h
index d6bfe42..acc74e2 100644
--- a/plat/socionext/synquacer/include/platform_def.h
+++ b/plat/socionext/synquacer/include/platform_def.h
@@ -180,8 +180,8 @@
#define PLAT_SP_IMAGE_MMAP_REGIONS 30
#define PLAT_SP_IMAGE_MAX_XLAT_TABLES 20
-#define PLAT_SP_IMAGE_XLAT_SECTION_NAME "sp_xlat_table"
-#define PLAT_SP_IMAGE_BASE_XLAT_SECTION_NAME "sp_xlat_table"
+#define PLAT_SP_IMAGE_XLAT_SECTION_NAME ".sp_xlat_table"
+#define PLAT_SP_IMAGE_BASE_XLAT_SECTION_NAME ".sp_xlat_table"
#define PLAT_SQ_UART1_BASE PLAT_SQ_BOOT_UART_BASE
#define PLAT_SQ_UART1_SIZE ULL(0x1000)
diff --git a/plat/st/stm32mp1/include/stm32mp1_mbedtls_config.h b/plat/st/stm32mp1/include/stm32mp1_mbedtls_config-2.h
similarity index 100%
rename from plat/st/stm32mp1/include/stm32mp1_mbedtls_config.h
rename to plat/st/stm32mp1/include/stm32mp1_mbedtls_config-2.h
diff --git a/plat/st/stm32mp1/include/stm32mp1_mbedtls_config-3.h b/plat/st/stm32mp1/include/stm32mp1_mbedtls_config-3.h
new file mode 100644
index 0000000..d7dab1f
--- /dev/null
+++ b/plat/st/stm32mp1/include/stm32mp1_mbedtls_config-3.h
@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 2022, STMicroelectronics - All Rights Reserved
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/*
+ * Key algorithms currently supported on mbed TLS libraries
+ */
+#define TF_MBEDTLS_USE_RSA 0
+#define TF_MBEDTLS_USE_ECDSA 1
+
+/*
+ * Hash algorithms currently supported on mbed TLS libraries
+ */
+#define TF_MBEDTLS_SHA256 1
+#define TF_MBEDTLS_SHA384 2
+#define TF_MBEDTLS_SHA512 3
+
+/*
+ * Configuration file to build mbed TLS with the required features for
+ * Trusted Boot
+ */
+
+#define MBEDTLS_PLATFORM_MEMORY
+#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+/* Prevent mbed TLS from using snprintf so that it can use tf_snprintf. */
+#define MBEDTLS_PLATFORM_SNPRINTF_ALT
+
+#define MBEDTLS_PKCS1_V21
+
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_BIGNUM_C
+
+#define MBEDTLS_ERROR_C
+#define MBEDTLS_MD_C
+
+#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+#define MBEDTLS_OID_C
+
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PK_WRITE_C
+
+#define MBEDTLS_PLATFORM_C
+
+#if TF_MBEDTLS_USE_ECDSA
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#endif
+#if TF_MBEDTLS_USE_RSA
+#define MBEDTLS_RSA_C
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
+#endif
+
+/* The library does not currently support enabling SHA-256 without SHA-224. */
+#define MBEDTLS_SHA224_C
+#define MBEDTLS_SHA256_C
+
+#if (TF_MBEDTLS_HASH_ALG_ID != TF_MBEDTLS_SHA256)
+#define MBEDTLS_SHA384_C
+#define MBEDTLS_SHA512_C
+#endif
+
+#define MBEDTLS_VERSION_C
+
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_X509_CRT_PARSE_C
+
+#if TF_MBEDTLS_USE_AES_GCM
+#define MBEDTLS_AES_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_GCM_C
+#endif
+
+/* MPI / BIGNUM options */
+#define MBEDTLS_MPI_WINDOW_SIZE 2
+
+#if TF_MBEDTLS_USE_RSA
+#if TF_MBEDTLS_KEY_SIZE <= 2048
+#define MBEDTLS_MPI_MAX_SIZE 256
+#else
+#define MBEDTLS_MPI_MAX_SIZE 512
+#endif
+#else
+#define MBEDTLS_MPI_MAX_SIZE 256
+#endif
+
+/* Memory buffer allocator options */
+#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 8
+
+/*
+ * Prevent the use of 128-bit division which
+ * creates dependency on external libraries.
+ */
+#define MBEDTLS_NO_UDBL_DIVISION
+
+#ifndef __ASSEMBLER__
+/* System headers required to build mbed TLS with the current configuration */
+#include <stdlib.h>
+#include <mbedtls/check_config.h>
+#endif
+
+/*
+ * Mbed TLS heap size is smal as we only use the asn1
+ * parsing functions
+ * digest, signature and crypto algorithm are done by
+ * other library.
+ */
+
+#define TF_MBEDTLS_HEAP_SIZE U(5120)
diff --git a/plat/st/stm32mp1/platform.mk b/plat/st/stm32mp1/platform.mk
index 236296e..039ae63 100644
--- a/plat/st/stm32mp1/platform.mk
+++ b/plat/st/stm32mp1/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -381,7 +381,19 @@
endif
TF_MBEDTLS_KEY_ALG := ecdsa
-MBEDTLS_CONFIG_FILE ?= "<stm32mp1_mbedtls_config.h>"
+
+ifneq (${MBEDTLS_DIR},)
+MBEDTLS_MAJOR=$(shell grep -hP "define MBEDTLS_VERSION_MAJOR" \
+${MBEDTLS_DIR}/include/mbedtls/*.h | grep -oe '\([0-9.]*\)')
+
+ifeq (${MBEDTLS_MAJOR}, 2)
+MBEDTLS_CONFIG_FILE ?= "<stm32mp1_mbedtls_config-2.h>"
+endif
+
+ifeq (${MBEDTLS_MAJOR}, 3)
+MBEDTLS_CONFIG_FILE ?= "<stm32mp1_mbedtls_config-3.h>"
+endif
+endif
include drivers/auth/mbedtls/mbedtls_x509.mk
diff --git a/plat/ti/k3/common/drivers/ti_sci/ti_sci.c b/plat/ti/k3/common/drivers/ti_sci/ti_sci.c
index 569e60c..ade10a6 100644
--- a/plat/ti/k3/common/drivers/ti_sci/ti_sci.c
+++ b/plat/ti/k3/common/drivers/ti_sci/ti_sci.c
@@ -21,7 +21,7 @@
#include "ti_sci.h"
#if USE_COHERENT_MEM
-__section("tzfw_coherent_mem")
+__section(".tzfw_coherent_mem")
#endif
static uint8_t message_sequence;
diff --git a/plat/xilinx/common/pm_service/pm_ipi.c b/plat/xilinx/common/pm_service/pm_ipi.c
index 513d6be..a3c3a6f 100644
--- a/plat/xilinx/common/pm_service/pm_ipi.c
+++ b/plat/xilinx/common/pm_service/pm_ipi.c
@@ -172,12 +172,13 @@
}
/**
- * pm_ipi_buff_read_callb() - Reads IPI response after remote processor has
- * handled interrupt
- * @value Used to return value from IPI buffer element (optional)
+ * pm_ipi_buff_read_callb() - Callback function that reads value from
+ * ipi response buffer
+ * @value Used to return value from IPI buffer element
* @count Number of values to return in @value
*
- * @return Returns status, either success or error+reason
+ * This callback function fills requested data in @value from ipi response
+ * buffer.
*/
void pm_ipi_buff_read_callb(uint32_t *value, size_t count)
{
diff --git a/plat/xilinx/versal/include/plat_ipi.h b/plat/xilinx/versal/include/plat_ipi.h
index 36a4380..9143dc6 100644
--- a/plat/xilinx/versal/include/plat_ipi.h
+++ b/plat/xilinx/versal/include/plat_ipi.h
@@ -34,7 +34,6 @@
#define IPI_BUFFER_TARGET_APU_OFFSET 0x80U
#define IPI_BUFFER_TARGET_PMC_OFFSET 0x40U
-#define IPI_BUFFER_LOCAL_BASE IPI_BUFFER_APU_BASE
#define IPI_BUFFER_REMOTE_BASE IPI_BUFFER_PMC_BASE
#define IPI_BUFFER_TARGET_LOCAL_OFFSET IPI_BUFFER_TARGET_APU_OFFSET
diff --git a/plat/xilinx/versal/include/versal_def.h b/plat/xilinx/versal/include/versal_def.h
index 60431a5..ce4d98c 100644
--- a/plat/xilinx/versal/include/versal_def.h
+++ b/plat/xilinx/versal/include/versal_def.h
@@ -129,9 +129,10 @@
#define PMC_GLOBAL_GLOB_GEN_STORAGE4 (PMC_GLOBAL_BASE + 0x40U)
/* IPI registers and bitfields */
+#define PMC_REG_BASE U(0xFF320000)
+#define PMC_IPI_TRIG_BIT (1U << 1U)
#define IPI0_REG_BASE U(0xFF330000)
#define IPI0_TRIG_BIT (1U << 2U)
-#define PMC_IPI_TRIG_BIT (1U << 1U)
#define IPI1_REG_BASE U(0xFF340000)
#define IPI1_TRIG_BIT (1U << 3U)
#define IPI2_REG_BASE U(0xFF350000)
diff --git a/plat/xilinx/versal/sip_svc_setup.c b/plat/xilinx/versal/sip_svc_setup.c
index 6f2ff94..28a4cb9 100644
--- a/plat/xilinx/versal/sip_svc_setup.c
+++ b/plat/xilinx/versal/sip_svc_setup.c
@@ -6,6 +6,8 @@
/* Top level SMC handler for SiP calls. Dispatch PM calls to PM SMC handler. */
+#include <inttypes.h>
+
#include <common/debug.h>
#include <common/runtime_svc.h>
#include <tools_share/uuid.h>
@@ -23,11 +25,12 @@
#define SIP_SVC_VERSION_MINOR U(1)
/* These macros are used to identify PM calls from the SMC function ID */
-#define PM_FID_MASK 0xf000u
+#define SIP_FID_MASK GENMASK(23, 16)
+#define XLNX_FID_MASK GENMASK(23, 12)
#define PM_FID_VALUE 0u
#define IPI_FID_VALUE 0x1000u
-#define is_pm_fid(_fid) (((_fid) & PM_FID_MASK) == PM_FID_VALUE)
-#define is_ipi_fid(_fid) (((_fid) & PM_FID_MASK) == IPI_FID_VALUE)
+#define is_pm_fid(_fid) (((_fid) & XLNX_FID_MASK) == PM_FID_VALUE)
+#define is_ipi_fid(_fid) (((_fid) & XLNX_FID_MASK) == IPI_FID_VALUE)
/* SiP Service UUID */
DEFINE_SVC_UUID2(versal_sip_uuid,
@@ -62,6 +65,14 @@
void *handle,
u_register_t flags)
{
+ VERBOSE("SMCID: 0x%08x, x1: 0x%016" PRIx64 ", x2: 0x%016" PRIx64 ", x3: 0x%016" PRIx64 ", x4: 0x%016" PRIx64 "\n",
+ smc_fid, x1, x2, x3, x4);
+
+ if (smc_fid & SIP_FID_MASK) {
+ WARN("SMC out of SiP assinged range: 0x%x\n", smc_fid);
+ SMC_RET1(handle, SMC_UNK);
+ }
+
/* Let PM SMC handler deal with PM-related requests */
if (is_pm_fid(smc_fid)) {
return pm_smc_handler(smc_fid, x1, x2, x3, x4, cookie, handle,
diff --git a/plat/xilinx/versal/versal_gicv3.c b/plat/xilinx/versal/versal_gicv3.c
index d410906..0959c8e 100644
--- a/plat/xilinx/versal/versal_gicv3.c
+++ b/plat/xilinx/versal/versal_gicv3.c
@@ -36,8 +36,8 @@
* We save and restore the GICv3 context on system suspend. Allocate the
* data in the designated EL3 Secure carve-out memory.
*/
-static gicv3_redist_ctx_t rdist_ctx __section("versal_el3_tzc_dram");
-static gicv3_dist_ctx_t dist_ctx __section("versal_el3_tzc_dram");
+static gicv3_redist_ctx_t rdist_ctx __section(".versal_el3_tzc_dram");
+static gicv3_dist_ctx_t dist_ctx __section(".versal_el3_tzc_dram");
/*
* MPIDR hashing function for translating MPIDRs read from GICR_TYPER register
diff --git a/plat/xilinx/versal/versal_ipi.c b/plat/xilinx/versal/versal_ipi.c
index d821929..67915f4 100644
--- a/plat/xilinx/versal/versal_ipi.c
+++ b/plat/xilinx/versal/versal_ipi.c
@@ -20,16 +20,16 @@
/* versal ipi configuration table */
static const struct ipi_config versal_ipi_table[] = {
- /* A72 IPI */
- [IPI_ID_APU] = {
- .ipi_bit_mask = IPI0_TRIG_BIT,
- .ipi_reg_base = IPI0_REG_BASE,
- .secure_only = 0U,
- },
-
/* PMC IPI */
[IPI_ID_PMC] = {
.ipi_bit_mask = PMC_IPI_TRIG_BIT,
+ .ipi_reg_base = PMC_REG_BASE,
+ .secure_only = 0U,
+ },
+
+ /* A72 IPI */
+ [IPI_ID_APU] = {
+ .ipi_bit_mask = IPI0_TRIG_BIT,
.ipi_reg_base = IPI0_REG_BASE,
.secure_only = 0U,
},
diff --git a/plat/xilinx/versal_net/include/plat_ipi.h b/plat/xilinx/versal_net/include/plat_ipi.h
index 5255f8f..5ac611c 100644
--- a/plat/xilinx/versal_net/include/plat_ipi.h
+++ b/plat/xilinx/versal_net/include/plat_ipi.h
@@ -37,7 +37,6 @@
#define IPI_BUFFER_TARGET_APU_OFFSET 0x80U
#define IPI_BUFFER_TARGET_PMC_OFFSET 0x40U
-#define IPI_BUFFER_LOCAL_BASE IPI_BUFFER_APU_BASE
#define IPI_BUFFER_REMOTE_BASE IPI_BUFFER_PMC_BASE
#define IPI_BUFFER_TARGET_LOCAL_OFFSET IPI_BUFFER_TARGET_APU_OFFSET
diff --git a/plat/xilinx/versal_net/sip_svc_setup.c b/plat/xilinx/versal_net/sip_svc_setup.c
index 0e3940f..c91497c 100644
--- a/plat/xilinx/versal_net/sip_svc_setup.c
+++ b/plat/xilinx/versal_net/sip_svc_setup.c
@@ -9,6 +9,7 @@
/* Top level SMC handler for SiP calls. Dispatch PM calls to PM SMC handler. */
#include <errno.h>
+#include <inttypes.h>
#include <common/debug.h>
#include <common/runtime_svc.h>
@@ -28,11 +29,12 @@
#define SIP_SVC_VERSION_MINOR (1U)
/* These macros are used to identify PM calls from the SMC function ID */
-#define PM_FID_MASK 0xf000u
+#define SIP_FID_MASK GENMASK(23, 16)
+#define XLNX_FID_MASK GENMASK(23, 12)
#define PM_FID_VALUE 0u
#define IPI_FID_VALUE 0x1000u
-#define is_pm_fid(_fid) (((_fid) & PM_FID_MASK) == PM_FID_VALUE)
-#define is_ipi_fid(_fid) (((_fid) & PM_FID_MASK) == IPI_FID_VALUE)
+#define is_pm_fid(_fid) (((_fid) & XLNX_FID_MASK) == PM_FID_VALUE)
+#define is_ipi_fid(_fid) (((_fid) & XLNX_FID_MASK) == IPI_FID_VALUE)
/* SiP Service UUID */
DEFINE_SVC_UUID2(versal_net_sip_uuid,
@@ -62,6 +64,14 @@
void *handle,
u_register_t flags)
{
+ VERBOSE("SMCID: 0x%08x, x1: 0x%016" PRIx64 ", x2: 0x%016" PRIx64 ", x3: 0x%016" PRIx64 ", x4: 0x%016" PRIx64 "\n",
+ smc_fid, x1, x2, x3, x4);
+
+ if (smc_fid & SIP_FID_MASK) {
+ WARN("SMC out of SiP assinged range: 0x%x\n", smc_fid);
+ SMC_RET1(handle, SMC_UNK);
+ }
+
/* Let PM SMC handler deal with PM-related requests */
if (is_pm_fid(smc_fid)) {
return smc_handler(smc_fid, x1, x2, x3, x4, cookie, handle,
diff --git a/plat/xilinx/versal_net/versal_net_gicv3.c b/plat/xilinx/versal_net/versal_net_gicv3.c
index 1d45a58..138d2c2 100644
--- a/plat/xilinx/versal_net/versal_net_gicv3.c
+++ b/plat/xilinx/versal_net/versal_net_gicv3.c
@@ -39,8 +39,8 @@
* We save and restore the GICv3 context on system suspend. Allocate the
* data in the designated EL3 Secure carve-out memory.
*/
-static gicv3_redist_ctx_t rdist_ctx __section("versal_net_el3_tzc_dram");
-static gicv3_dist_ctx_t dist_ctx __section("versal_net_el3_tzc_dram");
+static gicv3_redist_ctx_t rdist_ctx __section(".versal_net_el3_tzc_dram");
+static gicv3_dist_ctx_t dist_ctx __section(".versal_net_el3_tzc_dram");
/*
* MPIDR hashing function for translating MPIDRs read from GICR_TYPER register
diff --git a/plat/xilinx/zynqmp/bl31_zynqmp_setup.c b/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
index 1d59537..1d963e8 100644
--- a/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
+++ b/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023, Advanced Micro Devices Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -16,6 +17,7 @@
#include <plat/common/platform.h>
#include <lib/mmio.h>
+#include <custom_svc.h>
#include <plat_startup.h>
#include <plat_private.h>
#include <zynqmp_def.h>
@@ -118,9 +120,7 @@
enum fsbl_handoff ret = fsbl_atf_handover(&bl32_image_ep_info,
&bl33_image_ep_info,
atf_handoff_addr);
- if (ret == FSBL_HANDOFF_NO_STRUCT) {
- bl31_set_default_config();
- } else if (ret != FSBL_HANDOFF_SUCCESS) {
+ if (ret != FSBL_HANDOFF_SUCCESS) {
panic();
}
}
@@ -130,6 +130,9 @@
if (bl33_image_ep_info.pc != 0) {
VERBOSE("BL31: Non secure code at 0x%lx\n", bl33_image_ep_info.pc);
}
+
+ custom_early_setup();
+
}
#if ZYNQMP_WDT_RESTART
@@ -197,8 +200,9 @@
}
/* Reserve memory used by Trusted Firmware. */
- if (fdt_add_reserved_memory(dtb, "tf-a", BL31_BASE, BL31_LIMIT - BL31_BASE)) {
- WARN("Failed to add reserved memory nodes to DT.\n");
+ if (fdt_add_reserved_memory(dtb, "tf-a", BL31_BASE,
+ BL31_LIMIT - BL31_BASE + 1)) {
+ WARN("Failed to add reserved memory nodes for BL31 to DT.\n");
}
ret = fdt_pack(dtb);
@@ -214,7 +218,7 @@
void bl31_platform_setup(void)
{
#if (BL31_LIMIT < PLAT_DDR_LOWMEM_MAX)
- prepare_dtb();
+ prepare_dtb();
#endif
/* Initialize the gic cpu and distributor interfaces */
@@ -245,7 +249,6 @@
plat_arm_interconnect_init();
plat_arm_interconnect_enter_coherency();
-
const mmap_region_t bl_regions[] = {
#if (BL31_LIMIT < PLAT_DDR_LOWMEM_MAX)
MAP_REGION_FLAT(XILINX_OF_BOARD_DTB_ADDR, XILINX_OF_BOARD_DTB_MAX_SIZE,
@@ -263,6 +266,8 @@
{0}
};
+ custom_mmap_add();
+
setup_page_tables(bl_regions, plat_arm_get_mmap());
enable_mmu_el3(0);
}
diff --git a/plat/xilinx/zynqmp/custom_sip_svc.c b/plat/xilinx/zynqmp/custom_sip_svc.c
new file mode 100644
index 0000000..fbb0a33
--- /dev/null
+++ b/plat/xilinx/zynqmp/custom_sip_svc.c
@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) 2022-2023, Advanced Micro Devices Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <common/bl_common.h>
+#include <common/debug.h>
+#include <smccc_helpers.h>
+
+uint64_t custom_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2,
+ uint64_t x3, uint64_t x4, void *cookie,
+ void *handle, uint64_t flags)
+{
+ WARN("Unimplemented SiP Service Call: 0x%x\n", smc_fid);
+ SMC_RET1(handle, SMC_UNK);
+}
+
+void custom_early_setup(void)
+{
+}
+
+void custom_mmap_add(void)
+{
+}
diff --git a/plat/xilinx/zynqmp/include/custom_svc.h b/plat/xilinx/zynqmp/include/custom_svc.h
new file mode 100644
index 0000000..ef0eb67
--- /dev/null
+++ b/plat/xilinx/zynqmp/include/custom_svc.h
@@ -0,0 +1,19 @@
+/*
+ * Copyright (c) 2022-2023, Advanced Micro Devices Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#ifndef CUSTOM_SVC_H
+#define CUSTOM_SVC_H
+
+#define ZYNQMP_SIP_SVC_CUSTOM U(0x82002000)
+#define ZYNQMP_SIP_SVC64_CUSTOM U(0xC2002000)
+
+uint64_t custom_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2,
+ uint64_t x3, uint64_t x4, void *cookie,
+ void *handle, uint64_t flags);
+
+void custom_early_setup(void);
+void custom_mmap_add(void);
+
+#endif /* CUSTOM_SVC_H */
diff --git a/plat/xilinx/zynqmp/include/plat_ipi.h b/plat/xilinx/zynqmp/include/plat_ipi.h
index a78f93a..bf56d5e 100644
--- a/plat/xilinx/zynqmp/include/plat_ipi.h
+++ b/plat/xilinx/zynqmp/include/plat_ipi.h
@@ -35,7 +35,6 @@
#define IPI_BUFFER_APU_BASE (IPI_BUFFER_BASEADDR + 0x400U)
#define IPI_BUFFER_PMU_BASE (IPI_BUFFER_BASEADDR + 0xE00U)
-#define IPI_BUFFER_LOCAL_BASE IPI_BUFFER_APU_BASE
#define IPI_BUFFER_REMOTE_BASE IPI_BUFFER_PMU_BASE
#define IPI_BUFFER_TARGET_LOCAL_OFFSET 0x80U
diff --git a/plat/xilinx/zynqmp/include/platform_def.h b/plat/xilinx/zynqmp/include/platform_def.h
index c2d22c2..b46eb63 100644
--- a/plat/xilinx/zynqmp/include/platform_def.h
+++ b/plat/xilinx/zynqmp/include/platform_def.h
@@ -40,8 +40,8 @@
# define BL31_BASE U(0xfffea000)
# define BL31_LIMIT U(0x100000000)
#else
-# define BL31_BASE U(0xfffe5000)
-# define BL31_LIMIT U(0x100000000)
+# define BL31_BASE U(0x1000)
+# define BL31_LIMIT U(0x7ffff)
#endif
#else
# define BL31_BASE (ZYNQMP_ATF_MEM_BASE)
@@ -89,13 +89,22 @@
#define PLAT_PHY_ADDR_SPACE_SIZE (1ULL << 32)
#define PLAT_VIRT_ADDR_SPACE_SIZE (1ULL << 32)
+
+#ifndef MAX_MMAP_REGIONS
#if (BL31_LIMIT < PLAT_DDR_LOWMEM_MAX)
#define MAX_MMAP_REGIONS 8
-#define MAX_XLAT_TABLES 6
#else
#define MAX_MMAP_REGIONS 7
+#endif
+#endif
+
+#ifndef MAX_XLAT_TABLES
+#if (BL31_LIMIT < PLAT_DDR_LOWMEM_MAX)
+#define MAX_XLAT_TABLES 8
+#else
#define MAX_XLAT_TABLES 5
#endif
+#endif
#define CACHE_WRITEBACK_SHIFT 6
#define CACHE_WRITEBACK_GRANULE (1 << CACHE_WRITEBACK_SHIFT)
diff --git a/plat/xilinx/zynqmp/platform.mk b/plat/xilinx/zynqmp/platform.mk
index b751de8..38e7408 100644
--- a/plat/xilinx/zynqmp/platform.mk
+++ b/plat/xilinx/zynqmp/platform.mk
@@ -139,6 +139,12 @@
BL31_CPPFLAGS += -fno-jump-tables
TF_CFLAGS_aarch64 += -mbranch-protection=none
+ifdef CUSTOM_PKG_PATH
+include $(CUSTOM_PKG_PATH)/custom_pkg.mk
+else
+BL31_SOURCES += plat/xilinx/zynqmp/custom_sip_svc.c
+endif
+
ifneq (${RESET_TO_BL31},1)
$(error "Using BL31 as the reset vector is only one option supported on ZynqMP. Please set RESET_TO_BL31 to 1.")
endif
diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_sys.c b/plat/xilinx/zynqmp/pm_service/pm_api_sys.c
index a17b6c5..99594f7 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_api_sys.c
+++ b/plat/xilinx/zynqmp/pm_service/pm_api_sys.c
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -252,10 +253,6 @@
return pm_shutdown_scope;
}
-#define EM_PACK_PAYLOAD1(pl, arg0) { \
- pl[0] = (uint16_t)(0xE) << 16 | (uint16_t)arg0; \
-}
-
/**
* pm_self_suspend() - PM call for processor to suspend itself
* @nid Node id of the processor or subsystem
@@ -786,7 +783,7 @@
{
switch (api_id) {
case PM_QUERY_DATA:
- *version = ATF_API_BASE_VERSION;
+ *version = TFA_API_QUERY_DATA_VERSION;
bit_mask[0] = (uint32_t)(PM_QUERY_FEATURE_BITMASK);
bit_mask[1] = (uint32_t)(PM_QUERY_FEATURE_BITMASK >> 32);
return PM_RET_SUCCESS;
@@ -922,14 +919,16 @@
*version = ret_payload[0];
/* Update IOCTL bit mask which are implemented in ATF */
- if (api_id == PM_IOCTL) {
+ if ((api_id == PM_IOCTL) || (api_id == PM_GET_OP_CHARACTERISTIC)) {
if (len < 2) {
return PM_RET_ERROR_ARGS;
}
bit_mask[0] = ret_payload[1];
bit_mask[1] = ret_payload[2];
- /* Get IOCTL's implemented by ATF */
- status = atf_ioctl_bitmask(bit_mask);
+ if (api_id == PM_IOCTL) {
+ /* Get IOCTL's implemented by ATF */
+ status = atf_ioctl_bitmask(bit_mask);
+ }
} else {
/* Requires for MISRA */
}
@@ -1807,30 +1806,3 @@
return pm_ipi_send_sync(primary_proc, payload, value, 1);
}
-
-enum pm_ret_status em_set_action(uint32_t *value)
-{
- uint32_t payload[PAYLOAD_ARG_CNT];
-
- /* Send request to the PMU */
- EM_PACK_PAYLOAD1(payload, EM_SET_ACTION);
- return pm_ipi_send_sync(primary_proc, payload, value, 1);
-}
-
-enum pm_ret_status em_remove_action(uint32_t *value)
-{
- uint32_t payload[PAYLOAD_ARG_CNT];
-
- /* Send request to the PMU */
- EM_PACK_PAYLOAD1(payload, EM_REMOVE_ACTION);
- return pm_ipi_send_sync(primary_proc, payload, value, 1);
-}
-
-enum pm_ret_status em_send_errors(uint32_t *value)
-{
- uint32_t payload[PAYLOAD_ARG_CNT];
-
- /* Send request to the PMU */
- EM_PACK_PAYLOAD1(payload, EM_SEND_ERRORS);
- return pm_ipi_send_sync(primary_proc, payload, value, 1);
-}
diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_sys.h b/plat/xilinx/zynqmp/pm_service/pm_api_sys.h
index 9ba9475..c4fe038 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_api_sys.h
+++ b/plat/xilinx/zynqmp/pm_service/pm_api_sys.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023, Advanced Micro Devices Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -187,9 +188,6 @@
enum pm_ret_status pm_pll_get_mode(enum pm_node_id nid, enum pm_pll_mode *mode);
enum pm_ret_status pm_efuse_access(uint32_t address_high,
uint32_t address_low, uint32_t *value);
-enum pm_ret_status em_set_action(uint32_t *value);
-enum pm_ret_status em_remove_action(uint32_t *value);
-enum pm_ret_status em_send_errors(uint32_t *value);
enum pm_ret_status pm_feature_check(uint32_t api_id, uint32_t *version,
uint32_t *bit_mask, uint8_t len);
enum pm_ret_status check_api_dependency(uint8_t id);
diff --git a/plat/xilinx/zynqmp/pm_service/pm_defs.h b/plat/xilinx/zynqmp/pm_service/pm_defs.h
index e335b94..008cfdc 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_defs.h
+++ b/plat/xilinx/zynqmp/pm_service/pm_defs.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -31,6 +32,9 @@
#define FW_API_VERSION_2 (2U)
/* Version of APIs implemented in ATF */
#define ATF_API_BASE_VERSION (1U)
+/* Updating the QUERY_DATA API versioning as the bitmask functionality
+ * support is added in the v2.*/
+#define TFA_API_QUERY_DATA_VERSION (2U)
/* Capabilities for RAM */
#define PM_CAP_ACCESS 0x1U
@@ -49,8 +53,6 @@
#define PM_PROC_STATE_SLEEP 2U
#define PM_PROC_STATE_SUSPENDING 3U
-#define EM_FUNID_NUM_MASK 0xF0000U
-
#define PM_GET_CALLBACK_DATA 0xa01
#define PM_SET_SUSPEND_MODE 0xa02
#define PM_GET_TRUSTZONE_VERSION 0xa03
@@ -122,9 +124,9 @@
/* PM Register Access API */
PM_REGISTER_ACCESS,
PM_EFUSE_ACCESS,
- PM_FPGA_GET_VERSION,
- PM_FPGA_GET_FEATURE_LIST,
PM_FEATURE_CHECK = 63,
+ PM_FPGA_GET_VERSION = 72,
+ PM_FPGA_GET_FEATURE_LIST,
PM_API_MAX
};
@@ -351,13 +353,4 @@
PM_CLOCK_DIV1_ID,
};
-/**
- * EM API IDs
- */
-enum em_api_id {
- EM_SET_ACTION = 1,
- EM_REMOVE_ACTION,
- EM_SEND_ERRORS,
-};
-
#endif /* PM_DEFS_H */
diff --git a/plat/xilinx/zynqmp/pm_service/pm_svc_main.c b/plat/xilinx/zynqmp/pm_service/pm_svc_main.c
index a3f0278..c907773 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_svc_main.c
+++ b/plat/xilinx/zynqmp/pm_service/pm_svc_main.c
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023, Advanced Micro Devices Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -568,56 +569,3 @@
(uint64_t)result[1] | ((uint64_t)result[2] << 32U));
}
}
-
-/**
- * em_smc_handler() - SMC handler for EM-API calls coming from EL1/EL2.
- * @smc_fid - Function Identifier
- * @x1 - x4 - Arguments
- * @cookie - Unused
- * @handler - Pointer to caller's context structure
- *
- * @return - Unused
- *
- * Determines that smc_fid is valid and supported EM SMC Function ID from the
- * list of em_api_ids, otherwise completes the request with
- * the unknown SMC Function ID
- *
- * The SMC calls for EM service are forwarded from SIP Service SMC handler
- * function with rt_svc_handle signature
- */
-uint64_t em_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
- uint64_t x4, const void *cookie, void *handle, uint64_t flags)
-{
- enum pm_ret_status ret;
-
- switch (smc_fid & FUNCID_NUM_MASK) {
- /* EM API Functions */
- case EM_SET_ACTION:
- {
- uint32_t value;
-
- ret = em_set_action(&value);
- SMC_RET1(handle, (uint64_t)ret | ((uint64_t)value) << 32U);
- }
-
- case EM_REMOVE_ACTION:
- {
- uint32_t value;
-
- ret = em_remove_action(&value);
- SMC_RET1(handle, (uint64_t)ret | ((uint64_t)value) << 32U);
- }
-
- case EM_SEND_ERRORS:
- {
- uint32_t value;
-
- ret = em_send_errors(&value);
- SMC_RET1(handle, (uint64_t)ret | ((uint64_t)value) << 32U);
- }
-
- default:
- WARN("Unimplemented EM Service Call: 0x%x\n", smc_fid);
- SMC_RET1(handle, SMC_UNK);
- }
-}
diff --git a/plat/xilinx/zynqmp/pm_service/pm_svc_main.h b/plat/xilinx/zynqmp/pm_service/pm_svc_main.h
index c1781f3..3c3082f 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_svc_main.h
+++ b/plat/xilinx/zynqmp/pm_service/pm_svc_main.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023, Advanced Micro Devices Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -13,8 +14,4 @@
uint64_t pm_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
uint64_t x4, const void *cookie, void *handle,
uint64_t flags);
-
-uint64_t em_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
- uint64_t x4, const void *cookie, void *handle,
- uint64_t flags);
#endif /* PM_SVC_MAIN_H */
diff --git a/plat/xilinx/zynqmp/sip_svc_setup.c b/plat/xilinx/zynqmp/sip_svc_setup.c
index 4ce9b8a..c55784e 100644
--- a/plat/xilinx/zynqmp/sip_svc_setup.c
+++ b/plat/xilinx/zynqmp/sip_svc_setup.c
@@ -1,14 +1,18 @@
/*
* Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023, Advanced Micro Devices Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/* Top level SMC handler for SiP calls. Dispatch PM calls to PM SMC handler. */
+#include <inttypes.h>
+
#include <common/runtime_svc.h>
#include <tools_share/uuid.h>
+#include <custom_svc.h>
#include "ipi_mailbox_svc.h"
#include "pm_svc_main.h"
@@ -22,14 +26,12 @@
#define SIP_SVC_VERSION_MINOR 1
/* These macros are used to identify PM, IPI calls from the SMC function ID */
-#define PM_FID_MASK 0xf000u
+#define SIP_FID_MASK GENMASK(23, 16)
+#define XLNX_FID_MASK GENMASK(23, 12)
#define PM_FID_VALUE 0u
#define IPI_FID_VALUE 0x1000u
-#define EM_FID_MASK 0xf0000u
-#define EM_FID_VALUE 0xE0000u
-#define is_em_fid(_fid) (((_fid) & EM_FID_MASK) == EM_FID_VALUE)
-#define is_pm_fid(_fid) (((_fid) & PM_FID_MASK) == PM_FID_VALUE)
-#define is_ipi_fid(_fid) (((_fid) & PM_FID_MASK) == IPI_FID_VALUE)
+#define is_pm_fid(_fid) (((_fid) & XLNX_FID_MASK) == PM_FID_VALUE)
+#define is_ipi_fid(_fid) (((_fid) & XLNX_FID_MASK) == IPI_FID_VALUE)
/* SiP Service UUID */
DEFINE_SVC_UUID2(zynqmp_sip_uuid,
@@ -62,12 +64,16 @@
void *handle,
u_register_t flags)
{
- /* Let EM SMC handler deal with EM-related requests */
- if (is_em_fid(smc_fid)) {
- return em_smc_handler(smc_fid, x1, x2, x3, x4, cookie, handle,
- flags);
- } else if (is_pm_fid(smc_fid)) {
+ VERBOSE("SMCID: 0x%08x, x1: 0x%016" PRIx64 ", x2: 0x%016" PRIx64 ", x3: 0x%016" PRIx64 ", x4: 0x%016" PRIx64 "\n",
+ smc_fid, x1, x2, x3, x4);
+
+ if (smc_fid & SIP_FID_MASK) {
+ WARN("SMC out of SiP assinged range: 0x%x\n", smc_fid);
+ SMC_RET1(handle, SMC_UNK);
+ }
+
/* Let PM SMC handler deal with PM-related requests */
+ if (is_pm_fid(smc_fid)) {
return pm_smc_handler(smc_fid, x1, x2, x3, x4, cookie, handle,
flags);
}
@@ -89,6 +95,11 @@
case ZYNQMP_SIP_SVC_VERSION:
SMC_RET2(handle, SIP_SVC_VERSION_MAJOR, SIP_SVC_VERSION_MINOR);
+ case ZYNQMP_SIP_SVC_CUSTOM:
+ case ZYNQMP_SIP_SVC64_CUSTOM:
+ return custom_smc_handler(smc_fid, x1, x2, x3, x4, cookie,
+ handle, flags);
+
default:
WARN("Unimplemented SiP Service Call: 0x%x\n", smc_fid);
SMC_RET1(handle, SMC_UNK);
diff --git a/services/std_svc/spm/spm_mm/spm_mm_xlat.c b/services/std_svc/spm/spm_mm/spm_mm_xlat.c
index 6261016..b1ca55a 100644
--- a/services/std_svc/spm/spm_mm/spm_mm_xlat.c
+++ b/services/std_svc/spm/spm_mm/spm_mm_xlat.c
@@ -19,7 +19,7 @@
/* Place translation tables by default along with the ones used by BL31. */
#ifndef PLAT_SP_IMAGE_XLAT_SECTION_NAME
-#define PLAT_SP_IMAGE_XLAT_SECTION_NAME "xlat_table"
+#define PLAT_SP_IMAGE_XLAT_SECTION_NAME ".xlat_table"
#endif
#ifndef PLAT_SP_IMAGE_BASE_XLAT_SECTION_NAME
#define PLAT_SP_IMAGE_BASE_XLAT_SECTION_NAME ".bss"
diff --git a/services/std_svc/spmd/spmd_main.c b/services/std_svc/spmd/spmd_main.c
index dde1622..3c207ad 100644
--- a/services/std_svc/spmd/spmd_main.c
+++ b/services/std_svc/spmd/spmd_main.c
@@ -581,10 +581,40 @@
#endif
cm_set_next_eret_context(secure_state_out);
+#if SPMD_SPM_AT_SEL2
+ /*
+ * If SPMC is at SEL2, save additional registers x8-x17, which may
+ * be used in FF-A calls such as FFA_PARTITION_INFO_GET_REGS.
+ * Note that technically, all SPMCs can support this, but this code is
+ * under ifdef to minimize breakage in case other SPMCs do not save
+ * and restore x8-x17.
+ * We also need to pass through these registers since not all FF-A ABIs
+ * modify x8-x17, in which case, SMCCC requires that these registers be
+ * preserved, so the SPMD passes through these registers and expects the
+ * SPMC to save and restore (potentially also modify) them.
+ */
+ SMC_RET18(cm_get_context(secure_state_out), smc_fid, x1, x2, x3, x4,
+ SMC_GET_GP(handle, CTX_GPREG_X5),
+ SMC_GET_GP(handle, CTX_GPREG_X6),
+ SMC_GET_GP(handle, CTX_GPREG_X7),
+ SMC_GET_GP(handle, CTX_GPREG_X8),
+ SMC_GET_GP(handle, CTX_GPREG_X9),
+ SMC_GET_GP(handle, CTX_GPREG_X10),
+ SMC_GET_GP(handle, CTX_GPREG_X11),
+ SMC_GET_GP(handle, CTX_GPREG_X12),
+ SMC_GET_GP(handle, CTX_GPREG_X13),
+ SMC_GET_GP(handle, CTX_GPREG_X14),
+ SMC_GET_GP(handle, CTX_GPREG_X15),
+ SMC_GET_GP(handle, CTX_GPREG_X16),
+ SMC_GET_GP(handle, CTX_GPREG_X17)
+ );
+
+#else
SMC_RET8(cm_get_context(secure_state_out), smc_fid, x1, x2, x3, x4,
SMC_GET_GP(handle, CTX_GPREG_X5),
SMC_GET_GP(handle, CTX_GPREG_X6),
SMC_GET_GP(handle, CTX_GPREG_X7));
+#endif
}
/*******************************************************************************
@@ -1042,7 +1072,23 @@
return spmd_ffa_error_return(handle, FFA_ERROR_DENIED);
}
break; /* Not reached */
+#if MAKE_FFA_VERSION(1, 1) <= FFA_VERSION_COMPILED
+ case FFA_PARTITION_INFO_GET_REGS_SMC64:
+ if (secure_origin) {
+ /* TODO: Future patches to enable support for this */
+ return spmd_ffa_error_return(handle, FFA_ERROR_NOT_SUPPORTED);
+ }
+ /* Call only supported with SMCCC 1.2+ */
+ if (MAKE_SMCCC_VERSION(SMCCC_MAJOR_VERSION, SMCCC_MINOR_VERSION) < 0x10002) {
+ return spmd_ffa_error_return(handle, FFA_ERROR_NOT_SUPPORTED);
+ }
+
+ return spmd_smc_forward(smc_fid, secure_origin,
+ x1, x2, x3, x4, cookie,
+ handle, flags);
+ break; /* Not reached */
+#endif
default:
WARN("SPM: Unsupported call 0x%08x\n", smc_fid);
return spmd_ffa_error_return(handle, FFA_ERROR_NOT_SUPPORTED);
diff --git a/tools/marvell/doimage/doimage.c b/tools/marvell/doimage/doimage.c
index e08b820..513f33f 100644
--- a/tools/marvell/doimage/doimage.c
+++ b/tools/marvell/doimage/doimage.c
@@ -17,12 +17,6 @@
#ifdef CONFIG_MVEBU_SECURE_BOOT
#include <libconfig.h> /* for parsing config file */
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
/* mbedTLS stuff */
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ENTROPY_C) && \
defined(MBEDTLS_SHA256_C) && \
@@ -34,6 +28,7 @@
#include <mbedtls/md.h>
#include <mbedtls/pk.h>
#include <mbedtls/sha256.h>
+#include <mbedtls/version.h>
#include <mbedtls/x509.h>
#else
#error "Bad mbedTLS configuration!"